Hello everyone.
I have a problem with the svchost.exe process, which loads the CPU more than all the other processes. I was advised to come to this section, so hopefully you can help me.
Here is the log from HijackThis:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:37:18, on 19.4.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Core Temp\Core Temp.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\XFastUSB\XFastUsb.exe
C:\Program Files\Labtec\Keyboard\V5.1\KBDAP32A.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\SysMetrix\SysMetrix.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Seznam.cz\bin\postak.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe
C:\Windows\System32\cmd.exe
C:\Windows\system32\conhost.exe
c:\archive\data\svchost.exe
H:\Hry\Steam\Steam.exe
D:\Other\Screenshoter\Screenshoter.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rambler.ru/?utm_source=r33&u ... mpaign=c01
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Blog This in Windows Live - {2adefb8e-b923-35e6-86e2-2b7841f5d6a4} - mscoree.dll (file missing)
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Search-NewTab - {632438C0-D53D-818B-BA5C-DE59054DAA72} - C:\ProgramData\Search-NewTab\5118572c38f46.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\core.4.dll
O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome\Application\26.0.1410.64\npchrome_frame.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [XFastUSB] "C:\Program Files\XFastUSB\XFastUsb.exe"
O4 - HKLM\..\Run: [OFFICEKB] C:\Program Files\Labtec\Keyboard\V5.1\kbdap32a.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SysMetrix] C:\Program Files\SysMetrix\SysMetrix.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [RPCResolver] C:\archive\data\WinINIT.vbs
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [OscarX7Mouse5Mode] "C:\Program Files\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [MTool] C:\Users\Rasty Kartas\AppData\Roaming\MCommon\MTool_new.exe
O4 - HKCU\..\Run: [Steam] "H:\Hry\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2518957177-3384376808-1782611467-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2518957177-3384376808-1782611467-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [Samsung.PCSync] "C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Samsung.PCSync] "C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe" /NoDialog (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload2.macromedia.com/get/s ... tor/sw.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.co ... .5.1.0.cab
O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome\Application\26.0.1410.64\npchrome_frame.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GRA32A~1.DLL
O20 - AppInit_DLLs: c:\progra~1\websea~1\sprote~1.dll,C:\Windows\system32\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: ISCT Always Updated Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
--
End of file - 13017 bytes
Log check. One of the processes is loading the CPU [Solved]
- Orcus
- Security team member
Re: Log check. One of the processes is loading the CPU
Fix these:
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rambler.ru/?utm_source=r33&u ... mpaign=c01
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing browsing history from a web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
===================================================
Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose the option to save the log and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
Re: Log check. One of the processes is loading the CPU
Contents of the Malwarebytes' Anti-Malware log:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2013.04.19.08
Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Rasty Kartas :: RASTY-KARTAS-PC [administrátor]
19.4.2013 23:30:59
MBAM-log-2013-04-19 (23-40-30).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 243032
Uplynulý čas: 7 minut, 40 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 2
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 2
C:\flashplayer-lista-centrumcz.exe (Trojan.Downloader.Agent) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\H@tKeysH@@k.DLL (HackTool.HotKeyHook) -> Nebyla provedena žádná instrukce.
(konec)
- jaro3
- Security team member
Re: Log check. One of the processes is loading the CPU
So run MbAM again and click Scan
- when the program finishes, a message will appear; click OK and then the Show Results button
- make sure all the listed findings are checked and click the Remove Selected button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close the program via Exit
You can then paste the new MbAM log here.
Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
After that the PC should restart; if it does not, restart it yourself.
Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Scan" (Prohledat)
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
Re: Log check. One of the processes is loading the CPU
New log from MbAM:
Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org
Verze: v2013.04.19.08
Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Rasty Kartas :: RASTY-KARTAS-PC [administrátor]
21.4.2013 2:37:17
mbam-log-2013-04-21 (02-37-17).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 242831
Uplynulý čas: 6 minut, 15 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 2
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Přesun do karantény a opravení se zdařilo.
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Přesun do karantény a opravení se zdařilo.
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 2
C:\flashplayer-lista-centrumcz.exe (Trojan.Downloader.Agent) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\System32\H@tKeysH@@k.DLL (HackTool.HotKeyHook) -> Přesun do karantény a smazání se zdařilo.
(konec)
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
AdwCleaner log:
# AdwCleaner v2.200 - Log vytvooen 21/04/2013 v 03:12:54
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Windows 7 Ultimate (32 bits)
# Uživatel : Rasty Kartas - RASTY-KARTAS-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Rasty Kartas\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Program Files\Ask.com
Složka Nalezeno : C:\Program Files\Babylon
Složka Nalezeno : C:\Program Files\Red Sky
Složka Nalezeno : C:\Program Files\WebSearch
Složka Nalezeno : C:\ProgramData\Ask
Složka Nalezeno : C:\ProgramData\InstallMate
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownTango
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search-NewTab
Složka Nalezeno : C:\ProgramData\RightClick
Složka Nalezeno : C:\ProgramData\Search-NewTab
Složka Nalezeno : C:\Users\Rasty Kartas\AppData\Local\DownTango
Složka Nalezeno : C:\Users\Rasty Kartas\AppData\Local\TempDir
Složka Nalezeno : C:\Users\Rasty Kartas\AppData\LocalLow\searchresultstb
Složka Nalezeno : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
Složka Nalezeno : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\extensions\toolbar@ask.com
Složka Nalezeno : C:\Users\Rasty Kartas\AppData\Roaming\yourfiledownloader
Soubor Nalezeno : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Soubor Nalezeno : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Soubor Nalezeno : C:\Users\Public\Desktop\DownTango.lnk
Soubor Nalezeno : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
Soubor Nalezeno : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\searchplugins\Askcom.xml
Soubor Nalezeno : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\searchplugins\icqplugin.xml
Soubor Nalezeno : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\searchplugins\WebSearch.xml
***** [Registry] *****
Data Nalezeno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~1\websea~1\sprote~1.dll,
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Nalezeno : HKCU\Software\AppDataLow\SProtector
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\DownTango
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{632438C0-D53D-818B-BA5C-DE59054DAA72}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{632438C0-D53D-818B-BA5C-DE59054DAA72}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKCU\Software\PIP
Klíe Nalezeno : HKCU\Software\Softonic
Klíe Nalezeno : HKCU\Software\Somoto Toolbar
Klíe Nalezeno : HKLM\Software\BabylonToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{632438C0-D53D-818B-BA5C-DE59054DAA72}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\Software\dlQUE
Klíe Nalezeno : HKLM\Software\DownTango
Klíe Nalezeno : HKLM\Software\Freeze.com
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94366E2C-9923-431C-B0D6-747447DD0F2B}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{632438C0-D53D-818B-BA5C-DE59054DAA72}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DownTango
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\SOFTWARE\Software
Klíe Nalezeno : HKLM\Software\SP Global
Klíe Nalezeno : HKLM\Software\SProtector
Klíe Nalezeno : HKU\S-1-5-21-2518957177-3384376808-1782611467-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKU\S-1-5-21-2518957177-3384376808-1782611467-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKU\S-1-5-21-2518957177-3384376808-1782611467-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Nalezeno : HKU\S-1-5-21-2518957177-3384376808-1782611467-1003\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16447
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\prefs.js
Nalezeno : user_pref("aol_toolbar.default.homepage.check", false);
Nalezeno : user_pref("aol_toolbar.default.search.check", false);
Nalezeno : user_pref("browser.search.defaultenginename,S", "WebSearch");
Nalezeno : user_pref("browser.search.order.1", "WebSearch");
Nalezeno : user_pref("browser.search.order.1,S", "WebSearch");
Nalezeno : user_pref("browser.search.selectedEngine,S", "WebSearch");
Nalezeno : user_pref("extensions.503135d2969f9.scode", "(function(){try{if('aol.com,mail.google.com,mystart.inc[...]
Nalezeno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Nalezeno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Nalezeno : user_pref("extensions.BabylonToolbar_i.newTab", true);
Nalezeno : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=111304&tt=3512_[...]
Nalezeno : user_pref("icqtoolbar.allowSendURL", false);
Nalezeno : user_pref("icqtoolbar.engineVerified", false);
Nalezeno : user_pref("icqtoolbar.hiddenElements", "itb_options");
Nalezeno : user_pref("icqtoolbar.history", "n%C4%9Bmeck%C3%A1%20jm%C3%A9na||zelvy%20ninja%203%20soundtrack||zel[...]
Nalezeno : user_pref("icqtoolbar.numberOfSearches", 0);
Nalezeno : user_pref("icqtoolbar.previousFFVersion", "3.5.6");
Nalezeno : user_pref("icqtoolbar.skip_default_search", "no");
Nalezeno : user_pref("icqtoolbar.suggestions", false);
Nalezeno : user_pref("icqtoolbar.uninstStatSent", true);
Nalezeno : user_pref("icqtoolbar.uniqueID", "125941698412594169841259496710161");
Nalezeno : user_pref("icqtoolbar.usageStatstTimestamp", 1262115925);
Nalezeno : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Nalezeno : user_pref("icqtoolbar.xmlLanguage", "cs");
Nalezeno : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Nalezeno : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Nalezeno : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Nalezeno : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Nalezeno : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Nalezeno : user_pref("sweetim.toolbar.mode.debug", "false");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Nalezeno : user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://browser-region/locale/region.properties"[...]
Nalezeno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Nalezeno : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Nalezeno : user_pref("sweetim.toolbar.search.history.capacity", "10");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.enable", "true");
Nalezeno : user_pref("sweetim.toolbar.simapp_id", "{64865FE6-D785-11DE-ADA1-002421A5F68A}");
Nalezeno : user_pref("sweetim.toolbar.version", "1.1.0.0");
-\\ Google Chrome v26.0.1410.64
Soubor : C:\Users\Rasty Kartas\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [9895 octets] - [21/04/2013 03:12:54]
########## EOF - C:\AdwCleaner[R1].txt - [9955 octets] ##########
Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org
Verze: v2013.04.19.08
Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Rasty Kartas :: RASTY-KARTAS-PC [administrátor]
21.4.2013 2:37:17
mbam-log-2013-04-21 (02-37-17).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 242831
Uplynulý čas: 6 minut, 15 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 2
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Přesun do karantény a opravení se zdařilo.
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Přesun do karantény a opravení se zdařilo.
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 2
C:\flashplayer-lista-centrumcz.exe (Trojan.Downloader.Agent) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\System32\H@tKeysH@@k.DLL (HackTool.HotKeyHook) -> Přesun do karantény a smazání se zdařilo.
(konec)
jaro3 (member of the Security team)
Re: Log check. One of the processes is loading the CPU
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Spustit jako správce" (Run as administrator)).
Click "Vymazat" (Delete).
The program will carry out the repair; after the automatic restart it will show a log (C:\AdwCleaner [S?].txt). Paste its entire contents here.
Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit
- Then click "Prohledat" (Scan).
- The program scans the PC's processes. After the scan, click "Zpráva" (Report) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Log check. One of the processes is loading the CPU
AdwCleaner log:
# AdwCleaner v2.200 - Log vytvooen 21/04/2013 v 18:55:05
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Windows 7 Ultimate (32 bits)
# Uživatel : Rasty Kartas - RASTY-KARTAS-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Rasty Kartas\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Vymazáno : C:\Program Files\Ask.com
Složka Vymazáno : C:\Program Files\Babylon
Složka Vymazáno : C:\Program Files\Red Sky
Složka Vymazáno : C:\Program Files\WebSearch
Složka Vymazáno : C:\ProgramData\Ask
Složka Vymazáno : C:\ProgramData\InstallMate
Složka Vymazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownTango
Složka Vymazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search-NewTab
Složka Vymazáno : C:\ProgramData\RightClick
Složka Vymazáno : C:\ProgramData\Search-NewTab
Složka Vymazáno : C:\Users\Rasty Kartas\AppData\Local\DownTango
Složka Vymazáno : C:\Users\Rasty Kartas\AppData\Local\TempDir
Složka Vymazáno : C:\Users\Rasty Kartas\AppData\LocalLow\searchresultstb
Složka Vymazáno : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
Složka Vymazáno : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\extensions\toolbar@ask.com
Složka Vymazáno : C:\Users\Rasty Kartas\AppData\Roaming\yourfiledownloader
Soubor Vymazáno : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Soubor Vymazáno : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Soubor Vymazáno : C:\Users\Public\Desktop\DownTango.lnk
Soubor Vymazáno : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
Soubor Vymazáno : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\searchplugins\Askcom.xml
Soubor Vymazáno : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\searchplugins\icqplugin.xml
Soubor Vymazáno : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\searchplugins\WebSearch.xml
***** [Registry] *****
Data Vymazáno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~1\websea~1\sprote~1.dll,
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Vymazáno : HKCU\Software\AppDataLow\SProtector
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\DownTango
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{632438C0-D53D-818B-BA5C-DE59054DAA72}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{632438C0-D53D-818B-BA5C-DE59054DAA72}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Vymazáno : HKCU\Software\PIP
Klíe Vymazáno : HKCU\Software\Softonic
Klíe Vymazáno : HKCU\Software\Somoto Toolbar
Klíe Vymazáno : HKLM\Software\BabylonToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{632438C0-D53D-818B-BA5C-DE59054DAA72}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\Software\dlQUE
Klíe Vymazáno : HKLM\Software\DownTango
Klíe Vymazáno : HKLM\Software\Freeze.com
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94366E2C-9923-431C-B0D6-747447DD0F2B}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{632438C0-D53D-818B-BA5C-DE59054DAA72}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DownTango
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\SOFTWARE\Software
Klíe Vymazáno : HKLM\Software\SP Global
Klíe Vymazáno : HKLM\Software\SProtector
Klíe Vymazáno : HKU\S-1-5-21-2518957177-3384376808-1782611467-1003\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16447
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\prefs.js
C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\user.js ... Vymazáno !
Vymazáno : user_pref("aol_toolbar.default.homepage.check", false);
Vymazáno : user_pref("aol_toolbar.default.search.check", false);
Vymazáno : user_pref("browser.search.defaultenginename,S", "WebSearch");
Vymazáno : user_pref("browser.search.order.1", "WebSearch");
Vymazáno : user_pref("browser.search.order.1,S", "WebSearch");
Vymazáno : user_pref("browser.search.selectedEngine,S", "WebSearch");
Vymazáno : user_pref("extensions.503135d2969f9.scode", "(function(){try{if('aol.com,mail.google.com,mystart.inc[...]
Vymazáno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Vymazáno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Vymazáno : user_pref("extensions.BabylonToolbar_i.newTab", true);
Vymazáno : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=111304&tt=3512_[...]
Vymazáno : user_pref("icqtoolbar.allowSendURL", false);
Vymazáno : user_pref("icqtoolbar.engineVerified", false);
Vymazáno : user_pref("icqtoolbar.hiddenElements", "itb_options");
Vymazáno : user_pref("icqtoolbar.history", "n%C4%9Bmeck%C3%A1%20jm%C3%A9na||zelvy%20ninja%203%20soundtrack||zel[...]
Vymazáno : user_pref("icqtoolbar.numberOfSearches", 0);
Vymazáno : user_pref("icqtoolbar.previousFFVersion", "3.5.6");
Vymazáno : user_pref("icqtoolbar.skip_default_search", "no");
Vymazáno : user_pref("icqtoolbar.suggestions", false);
Vymazáno : user_pref("icqtoolbar.uninstStatSent", true);
Vymazáno : user_pref("icqtoolbar.uniqueID", "125941698412594169841259496710161");
Vymazáno : user_pref("icqtoolbar.usageStatstTimestamp", 1262115925);
Vymazáno : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Vymazáno : user_pref("icqtoolbar.xmlLanguage", "cs");
Vymazáno : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Vymazáno : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Vymazáno : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Vymazáno : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Vymazáno : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Vymazáno : user_pref("sweetim.toolbar.mode.debug", "false");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Vymazáno : user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://browser-region/locale/region.properties"[...]
Vymazáno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Vymazáno : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Vymazáno : user_pref("sweetim.toolbar.search.history.capacity", "10");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.enable", "true");
Vymazáno : user_pref("sweetim.toolbar.simapp_id", "{64865FE6-D785-11DE-ADA1-002421A5F68A}");
Vymazáno : user_pref("sweetim.toolbar.version", "1.1.0.0");
-\\ Google Chrome v26.0.1410.64
Soubor : C:\Users\Rasty Kartas\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [10024 octets] - [21/04/2013 03:12:54]
AdwCleaner[S1].txt - [9589 octets] - [21/04/2013 18:55:05]
########## EOF - C:\AdwCleaner[S1].txt - [9649 octets] ##########
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
RogueKiller log:
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7600 ) 32 bits version
Spuštěno v : Normální režim
Uživatel : Rasty Kartas [Práva správce]
Mód : Kontrola -- Datum : 04/21/2013 19:20:28
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SVCHOST] svchost.exe -- c:\archive\data\svchost.exe [x] -> SMAZÁNO [TermProc]
¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : MTool (C:\Users\Rasty Kartas\AppData\Roaming\MCommon\MTool_new.exe) [-] -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-2518957177-3384376808-1782611467-1000[...]\Run : MTool (C:\Users\Rasty Kartas\AppData\Roaming\MCommon\MTool_new.exe) [-] -> NALEZENO
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
IRP[IRP_MJ_CREATE] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A51E8)
IRP[IRP_MJ_CLOSE] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A51E8)
IRP[IRP_MJ_DEVICE_CONTROL] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A51E8)
IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A51E8)
IRP[IRP_MJ_POWER] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A51E8)
IRP[IRP_MJ_SYSTEM_CONTROL] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A51E8)
IRP[IRP_MJ_PNP] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A51E8)
¤¤¤ Externí včelstvo: ¤¤¤
-> A:\windows\system32\config\SOFTWARE
-> A:\windows\system32\config\SYSTEM
-> A:\Documents and Settings\Administrator\NTUSER.DAT
-> A:\Documents and Settings\Default User\NTUSER.DAT
-> A:\Documents and Settings\Fif4Dev11\NTUSER.DAT
-> A:\Documents and Settings\LocalService\NTUSER.DAT
-> A:\Documents and Settings\NetworkService\NTUSER.DAT
-> A:\Documents and Settings\UpdatusUser\NTUSER.DAT
-> D:\windows\system32\config\SOFTWARE
-> D:\windows\system32\config\SYSTEM
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST3500630NS ATA Device +++++
--- User ---
[MBR] 7d61d1ffd6807d5d4af1ce87bcd8f58f
[BSP] 1711b488eb3ad731dfb9b09c66f65330 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49999 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 102398310 | Size: 426938 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: WDC WD20EURS-63S48Y0 ATA Device +++++
--- User ---
[MBR] 948c2e4897cb8aab3efa763e778e54b9
[BSP] 4b84bf17847661d6d2bfa19ab4f4a081 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 114470 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 234436608 | Size: 1793263 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive2: HP External HDD USB Device +++++
--- User ---
[MBR] e45a39baeafa21e17140aa1db29adad2
[BSP] 607a71fc04b1365f1c386698d4252611 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953198 Mo
Error reading LL1 MBR!
Error reading LL2 MBR!
Dokončeno : << RKreport[1]_S_04212013_02d1920.txt >>
RKreport[1]_S_04212013_02d1920.txt
# AdwCleaner v2.200 - Log vytvooen 21/04/2013 v 18:55:05
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Windows 7 Ultimate (32 bits)
# Uživatel : Rasty Kartas - RASTY-KARTAS-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Rasty Kartas\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Vymazáno : C:\Program Files\Ask.com
Složka Vymazáno : C:\Program Files\Babylon
Složka Vymazáno : C:\Program Files\Red Sky
Složka Vymazáno : C:\Program Files\WebSearch
Složka Vymazáno : C:\ProgramData\Ask
Složka Vymazáno : C:\ProgramData\InstallMate
Složka Vymazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownTango
Složka Vymazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search-NewTab
Složka Vymazáno : C:\ProgramData\RightClick
Složka Vymazáno : C:\ProgramData\Search-NewTab
Složka Vymazáno : C:\Users\Rasty Kartas\AppData\Local\DownTango
Složka Vymazáno : C:\Users\Rasty Kartas\AppData\Local\TempDir
Složka Vymazáno : C:\Users\Rasty Kartas\AppData\LocalLow\searchresultstb
Složka Vymazáno : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
Složka Vymazáno : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\extensions\toolbar@ask.com
Složka Vymazáno : C:\Users\Rasty Kartas\AppData\Roaming\yourfiledownloader
Soubor Vymazáno : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Soubor Vymazáno : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Soubor Vymazáno : C:\Users\Public\Desktop\DownTango.lnk
Soubor Vymazáno : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
Soubor Vymazáno : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\searchplugins\Askcom.xml
Soubor Vymazáno : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\searchplugins\icqplugin.xml
Soubor Vymazáno : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\searchplugins\WebSearch.xml
***** [Registry] *****
Data Vymazáno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~1\websea~1\sprote~1.dll,
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Klíč Vymazáno : HKCU\Software\APN PIP
Klíč Vymazáno : HKCU\Software\AppDataLow\Software\SmartBar
Klíč Vymazáno : HKCU\Software\AppDataLow\SProtector
Klíč Vymazáno : HKCU\Software\Conduit
Klíč Vymazáno : HKCU\Software\DownTango
Klíč Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíč Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíč Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{632438C0-D53D-818B-BA5C-DE59054DAA72}
Klíč Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{632438C0-D53D-818B-BA5C-DE59054DAA72}
Klíč Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíč Vymazáno : HKCU\Software\PIP
Klíč Vymazáno : HKCU\Software\Softonic
Klíč Vymazáno : HKCU\Software\Somoto Toolbar
Klíč Vymazáno : HKLM\Software\BabylonToolbar
Klíč Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{632438C0-D53D-818B-BA5C-DE59054DAA72}
Klíč Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíč Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Klíč Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíč Vymazáno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíč Vymazáno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíč Vymazáno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíč Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíč Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Klíč Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíč Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Klíč Vymazáno : HKLM\Software\Conduit
Klíč Vymazáno : HKLM\Software\dlQUE
Klíč Vymazáno : HKLM\Software\DownTango
Klíč Vymazáno : HKLM\Software\Freeze.com
Klíč Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94366E2C-9923-431C-B0D6-747447DD0F2B}
Klíč Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíč Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Klíč Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Klíč Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Klíč Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Klíč Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Klíč Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Klíč Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{632438C0-D53D-818B-BA5C-DE59054DAA72}
Klíč Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DownTango
Klíč Vymazáno : HKLM\Software\PIP
Klíč Vymazáno : HKLM\SOFTWARE\Software
Klíč Vymazáno : HKLM\Software\SP Global
Klíč Vymazáno : HKLM\Software\SProtector
Klíč Vymazáno : HKU\S-1-5-21-2518957177-3384376808-1782611467-1003\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
***** [Internetové prohlížeče] *****
-\\ Internet Explorer v9.0.8112.16447
[OK] Registry jsou čisté.
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\prefs.js
C:\Users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\user.js ... Vymazáno !
Vymazáno : user_pref("aol_toolbar.default.homepage.check", false);
Vymazáno : user_pref("aol_toolbar.default.search.check", false);
Vymazáno : user_pref("browser.search.defaultenginename,S", "WebSearch");
Vymazáno : user_pref("browser.search.order.1", "WebSearch");
Vymazáno : user_pref("browser.search.order.1,S", "WebSearch");
Vymazáno : user_pref("browser.search.selectedEngine,S", "WebSearch");
Vymazáno : user_pref("extensions.503135d2969f9.scode", "(function(){try{if('aol.com,mail.google.com,mystart.inc[...]
Vymazáno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Vymazáno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Vymazáno : user_pref("extensions.BabylonToolbar_i.newTab", true);
Vymazáno : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=111304&tt=3512_[...]
Vymazáno : user_pref("icqtoolbar.allowSendURL", false);
Vymazáno : user_pref("icqtoolbar.engineVerified", false);
Vymazáno : user_pref("icqtoolbar.hiddenElements", "itb_options");
Vymazáno : user_pref("icqtoolbar.history", "n%C4%9Bmeck%C3%A1%20jm%C3%A9na||zelvy%20ninja%203%20soundtrack||zel[...]
Vymazáno : user_pref("icqtoolbar.numberOfSearches", 0);
Vymazáno : user_pref("icqtoolbar.previousFFVersion", "3.5.6");
Vymazáno : user_pref("icqtoolbar.skip_default_search", "no");
Vymazáno : user_pref("icqtoolbar.suggestions", false);
Vymazáno : user_pref("icqtoolbar.uninstStatSent", true);
Vymazáno : user_pref("icqtoolbar.uniqueID", "125941698412594169841259496710161");
Vymazáno : user_pref("icqtoolbar.usageStatstTimestamp", 1262115925);
Vymazáno : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Vymazáno : user_pref("icqtoolbar.xmlLanguage", "cs");
Vymazáno : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Vymazáno : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Vymazáno : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Vymazáno : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Vymazáno : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Vymazáno : user_pref("sweetim.toolbar.mode.debug", "false");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Vymazáno : user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://browser-region/locale/region.properties"[...]
Vymazáno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Vymazáno : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Vymazáno : user_pref("sweetim.toolbar.search.history.capacity", "10");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.enable", "true");
Vymazáno : user_pref("sweetim.toolbar.simapp_id", "{64865FE6-D785-11DE-ADA1-002421A5F68A}");
Vymazáno : user_pref("sweetim.toolbar.version", "1.1.0.0");
-\\ Google Chrome v26.0.1410.64
Soubor : C:\Users\Rasty Kartas\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je čistý.
*************************
AdwCleaner[R1].txt - [10024 octets] - [21/04/2013 03:12:54]
AdwCleaner[S1].txt - [9589 octets] - [21/04/2013 18:55:05]
########## EOF - C:\AdwCleaner[S1].txt - [9649 octets] ##########
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Log from RogueKiller:
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7600 ) 32 bits version
Spuštěno v : Normální režim
Uživatel : Rasty Kartas [Práva správce]
Mód : Kontrola -- Datum : 04/21/2013 19:20:28
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SVCHOST] svchost.exe -- c:\archive\data\svchost.exe [x] -> SMAZÁNO [TermProc]
¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : MTool (C:\Users\Rasty Kartas\AppData\Roaming\MCommon\MTool_new.exe) [-] -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-2518957177-3384376808-1782611467-1000[...]\Run : MTool (C:\Users\Rasty Kartas\AppData\Roaming\MCommon\MTool_new.exe) [-] -> NALEZENO
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
IRP[IRP_MJ_CREATE] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A51E8)
IRP[IRP_MJ_CLOSE] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A51E8)
IRP[IRP_MJ_DEVICE_CONTROL] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A51E8)
IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A51E8)
IRP[IRP_MJ_POWER] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A51E8)
IRP[IRP_MJ_SYSTEM_CONTROL] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A51E8)
IRP[IRP_MJ_PNP] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A51E8)
¤¤¤ Externí včelstvo: ¤¤¤
-> A:\windows\system32\config\SOFTWARE
-> A:\windows\system32\config\SYSTEM
-> A:\Documents and Settings\Administrator\NTUSER.DAT
-> A:\Documents and Settings\Default User\NTUSER.DAT
-> A:\Documents and Settings\Fif4Dev11\NTUSER.DAT
-> A:\Documents and Settings\LocalService\NTUSER.DAT
-> A:\Documents and Settings\NetworkService\NTUSER.DAT
-> A:\Documents and Settings\UpdatusUser\NTUSER.DAT
-> D:\windows\system32\config\SOFTWARE
-> D:\windows\system32\config\SYSTEM
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST3500630NS ATA Device +++++
--- User ---
[MBR] 7d61d1ffd6807d5d4af1ce87bcd8f58f
[BSP] 1711b488eb3ad731dfb9b09c66f65330 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49999 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 102398310 | Size: 426938 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: WDC WD20EURS-63S48Y0 ATA Device +++++
--- User ---
[MBR] 948c2e4897cb8aab3efa763e778e54b9
[BSP] 4b84bf17847661d6d2bfa19ab4f4a081 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 114470 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 234436608 | Size: 1793263 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive2: HP External HDD USB Device +++++
--- User ---
[MBR] e45a39baeafa21e17140aa1db29adad2
[BSP] 607a71fc04b1365f1c386698d4252611 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953198 Mo
Error reading LL1 MBR!
Error reading LL2 MBR!
Dokončeno : << RKreport[1]_S_04212013_02d1920.txt >>
RKreport[1]_S_04212013_02d1920.txt
- memphisto
- Guru Level 13
- Posts: 21113
- Registered: September 06
- Location: Zlín - České Budějovice
Re: Log check. One of the processes is loading the CPU
Close all programs and browsers.
Disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Win7 right-click and choose "Run as administrator"; on Windows XP double-click to run).
- Wait until the Prescan finishes...
- Wait until the status box shows "Scan"
- Click "Delete"
- Wait until the status box shows "Smazání - Finished"
- Click "Zprávy" (Reports), then please copy and paste the contents of that report here. The log can be found in RKreport [1].txt on the desktop.
- Close RogueKiller
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you
Re: Log check. One of the processes is loading the CPU
Another (new) log from RogueKiller:
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7600 ) 32 bits version
Spuštěno v : Normální režim
Uživatel : Rasty Kartas [Práva správce]
Mód : Odebrat -- Datum : 04/23/2013 16:58:06
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : MTool (C:\Users\Rasty Kartas\AppData\Roaming\MCommon\MTool_new.exe) [-] -> VYMAZÁNO
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
IRP[IRP_MJ_CREATE] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A21E8)
IRP[IRP_MJ_CLOSE] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A21E8)
IRP[IRP_MJ_DEVICE_CONTROL] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A21E8)
IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A21E8)
IRP[IRP_MJ_POWER] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A21E8)
IRP[IRP_MJ_SYSTEM_CONTROL] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A21E8)
IRP[IRP_MJ_PNP] : \SystemRoot\system32\DRIVERS\iaStor.sys -> HOOKED ([MAJOR] Unknown @ 0x868A21E8)
¤¤¤ Externí včelstvo: ¤¤¤
-> A:\windows\system32\config\SOFTWARE
-> A:\windows\system32\config\SYSTEM
-> A:\Documents and Settings\Administrator\NTUSER.DAT
-> A:\Documents and Settings\Default User\NTUSER.DAT
-> A:\Documents and Settings\Fif4Dev11\NTUSER.DAT
-> A:\Documents and Settings\LocalService\NTUSER.DAT
-> A:\Documents and Settings\NetworkService\NTUSER.DAT
-> A:\Documents and Settings\UpdatusUser\NTUSER.DAT
-> D:\windows\system32\config\SOFTWARE
-> D:\windows\system32\config\SYSTEM
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST3500630NS ATA Device +++++
--- User ---
[MBR] 7d61d1ffd6807d5d4af1ce87bcd8f58f
[BSP] 1711b488eb3ad731dfb9b09c66f65330 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49999 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 102398310 | Size: 426938 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: WDC WD20EURS-63S48Y0 ATA Device +++++
--- User ---
[MBR] 948c2e4897cb8aab3efa763e778e54b9
[BSP] 4b84bf17847661d6d2bfa19ab4f4a081 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 114470 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 234436608 | Size: 1793263 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[3]_D_04232013_02d1658.txt >>
RKreport[1]_S_04212013_02d1920.txt ; RKreport[2]_S_04232013_02d1655.txt ; RKreport[3]_D_04232013_02d1658.txt
- jaro3
- Security team member
- Guru Level 15
- Posts: 43287
- Registered: June 07
- Location: Jižní Čechy
Re: Log check. One of the processes is loading the CPU
Download TDSSKiller to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt; please paste the entire contents of the log here.
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Download ComboFix (by sUBs) and save it to your desktop.
Close all active windows and run it.
- After launch the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- After the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If there are problems, run it in safe mode.
Warning: After applying ComboFix and restarting the computer, Windows may fail to boot, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Log check. One of the processes is loading the CPU
Log from TDSSKiller:
21:07:57.0215 3156 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:07:57.0405 3156 ============================================================
21:07:57.0405 3156 Current date / time: 2013/04/23 21:07:57.0404
21:07:57.0405 3156 SystemInfo:
21:07:57.0405 3156
21:07:57.0405 3156 OS Version: 6.1.7600 ServicePack: 0.0
21:07:57.0405 3156 Product type: Workstation
21:07:57.0405 3156 ComputerName: RASTY-KARTAS-PC
21:07:57.0405 3156 UserName: Rasty Kartas
21:07:57.0405 3156 Windows directory: C:\Windows
21:07:57.0405 3156 System windows directory: C:\Windows
21:07:57.0405 3156 Processor architecture: Intel x86
21:07:57.0405 3156 Number of processors: 4
21:07:57.0405 3156 Page size: 0x1000
21:07:57.0405 3156 Boot type: Normal boot
21:07:57.0405 3156 ============================================================
21:08:00.0633 3156 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:08:00.0651 3156 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:08:00.0666 3156 Drive \Device\Harddisk2\DR3 - Size: 0xE8B6F00000 (930.86 Gb), SectorSize: 0x200, Cylinders: 0x1DAAB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:08:00.0667 3156 ============================================================
21:08:00.0667 3156 \Device\Harddisk1\DR1:
21:08:00.0668 3156 MBR partitions:
21:08:00.0668 3156 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF93782
21:08:00.0668 3156 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xDF93800, BlocksNum 0xDAE77B82
21:08:00.0668 3156 \Device\Harddisk0\DR0:
21:08:00.0693 3156 MBR partitions:
21:08:00.0693 3156 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
21:08:00.0693 3156 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A7966, BlocksNum 0x341DD2DB
21:08:00.0693 3156 \Device\Harddisk2\DR3:
21:08:00.0693 3156 MBR partitions:
21:08:00.0693 3156 \Device\Harddisk2\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x745B7000
21:08:00.0693 3156 ============================================================
21:08:00.0724 3156 C: <-> \Device\Harddisk1\DR1\Partition1
21:08:00.0740 3156 A: <-> \Device\Harddisk0\DR0\Partition1
21:08:00.0813 3156 H: <-> \Device\Harddisk1\DR1\Partition2
21:08:00.0855 3156 D: <-> \Device\Harddisk0\DR0\Partition2
21:08:00.0895 3156 J: <-> \Device\Harddisk2\DR3\Partition1
21:08:00.0895 3156 ============================================================
21:08:00.0895 3156 Initialize success
21:08:00.0895 3156 ============================================================
21:09:17.0386 7372 ============================================================
21:09:17.0386 7372 Scan started
21:09:17.0386 7372 Mode: Manual;
21:09:17.0386 7372 ============================================================
21:09:18.0817 7372 ================ Scan system memory ========================
21:09:18.0817 7372 System memory - ok
21:09:18.0817 7372 ================ Scan services =============================
21:09:21.0042 7372 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:09:21.0043 7372 CmBatt - ok
21:09:21.0053 7372 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
21:09:21.0054 7372 cmdide - ok
21:09:21.0056 7372 cmuda3 - ok
21:09:21.0084 7372 [ DB5E008B3744DD60C8498CBBF2A1CFA6 ] CNG C:\Windows\system32\Drivers\cng.sys
21:09:21.0089 7372 CNG - ok
21:09:21.0117 7372 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:09:21.0119 7372 Compbatt - ok
21:09:21.0135 7372 [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:09:21.0136 7372 CompositeBus - ok
21:09:21.0138 7372 COMSysApp - ok
21:09:21.0171 7372 [ FDAFC5748C2509F96D0F7694408D9B95 ] cphs C:\Windows\system32\IntelCpHeciSvc.exe
21:09:21.0175 7372 cphs - ok
21:09:21.0218 7372 [ 3411FDF098AA20193EEE5FFA36BA43B2 ] cpuz135 C:\Windows\system32\drivers\cpuz135_x32.sys
21:09:21.0219 7372 cpuz135 - ok
21:09:21.0240 7372 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:09:21.0242 7372 crcdisk - ok
21:09:21.0281 7372 [ 520A108A2657F4BCA7FCED9CA7D885DE ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:09:21.0283 7372 CryptSvc - ok
21:09:21.0297 7372 [ 27C9490BDD0AE48911AB8CF1932591ED ] CSC C:\Windows\system32\drivers\csc.sys
21:09:21.0300 7372 CSC - ok
21:09:21.0333 7372 [ 56FB5F222EA30D3D3FC459879772CB73 ] CscService C:\Windows\System32\cscsvc.dll
21:09:21.0339 7372 CscService - ok
21:09:21.0359 7372 [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch C:\Windows\system32\rpcss.dll
21:09:21.0364 7372 DcomLaunch - ok
21:09:21.0389 7372 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
21:09:21.0392 7372 defragsvc - ok
21:09:21.0434 7372 [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:09:21.0436 7372 DfsC - ok
21:09:21.0460 7372 dgderdrv - ok
21:09:21.0494 7372 [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
21:09:21.0496 7372 dg_ssudbus - ok
21:09:21.0500 7372 [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp C:\Windows\system32\dhcpcore.dll
21:09:21.0504 7372 Dhcp - ok
21:09:21.0517 7372 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
21:09:21.0518 7372 discache - ok
21:09:21.0535 7372 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:09:21.0536 7372 Disk - ok
21:09:21.0560 7372 [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:09:21.0562 7372 Dnscache - ok
21:09:21.0569 7372 [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc C:\Windows\System32\dot3svc.dll
21:09:21.0572 7372 dot3svc - ok
21:09:21.0611 7372 [ B5E479EB83707DD698F66953E922042C ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
21:09:21.0613 7372 Dot4 - ok
21:09:21.0627 7372 [ C25FEA07A8E7767E8B89AB96A3B96519 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
21:09:21.0628 7372 Dot4Print - ok
21:09:21.0687 7372 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
21:09:21.0689 7372 dot4usb - ok
21:09:21.0713 7372 [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS C:\Windows\system32\dps.dll
21:09:21.0715 7372 DPS - ok
21:09:21.0793 7372 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:09:21.0794 7372 drmkaud - ok
21:09:21.0828 7372 [ 1679A4669326CB1A67CC95658D273234 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:09:21.0834 7372 DXGKrnl - ok
21:09:22.0586 7372 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
21:09:22.0589 7372 EapHost - ok
21:09:22.0656 7372 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
21:09:22.0691 7372 ebdrv - ok
21:09:22.0770 7372 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS C:\Windows\System32\lsass.exe
21:09:22.0773 7372 EFS - ok
21:09:22.0820 7372 [ 1697C39978CD69F6FBC15302EDCECE1F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:09:22.0825 7372 ehRecvr - ok
21:09:22.0883 7372 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
21:09:22.0885 7372 ehSched - ok
21:09:22.0896 7372 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:09:22.0901 7372 elxstor - ok
21:09:22.0920 7372 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
21:09:22.0921 7372 ErrDev - ok
21:09:22.0938 7372 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
21:09:22.0941 7372 EventSystem - ok
21:09:22.0999 7372 [ 898AD7D508F6ADE242D94752E09F4152 ] EverestDriver C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt
21:09:23.0002 7372 EverestDriver - ok
21:09:23.0049 7372 [ 82E7EB9F12321052CD9A904B13724EE2 ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
21:09:23.0051 7372 ewusbnet - ok
21:09:23.0163 7372 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
21:09:23.0164 7372 exfat - ok
21:09:23.0180 7372 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:09:23.0183 7372 fastfat - ok
21:09:23.0233 7372 [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax C:\Windows\system32\fxssvc.exe
21:09:23.0239 7372 Fax - ok
21:09:23.0307 7372 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:09:23.0309 7372 fdc - ok
21:09:23.0326 7372 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
21:09:23.0328 7372 fdPHost - ok
21:09:23.0334 7372 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
21:09:23.0335 7372 FDResPub - ok
21:09:23.0338 7372 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:09:23.0339 7372 FileInfo - ok
21:09:23.0350 7372 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:09:23.0352 7372 Filetrace - ok
21:09:23.0412 7372 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:09:23.0413 7372 flpydisk - ok
21:09:23.0433 7372 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:09:23.0436 7372 FltMgr - ok
21:09:23.0451 7372 [ 4BD9964632325802F8DC971F6987CD1B ] FNETTBOH_305 C:\Windows\system32\drivers\FNETTBOH_305.SYS
21:09:23.0452 7372 FNETTBOH_305 - ok
21:09:23.0476 7372 [ 47BDA10316324CFA540F25AB7021F0D8 ] FNETURPX C:\Windows\system32\drivers\FNETURPX.SYS
21:09:23.0477 7372 FNETURPX - ok
21:09:23.0515 7372 [ 7FE4995528A7529A761875151EE3D512 ] FontCache C:\Windows\system32\FntCache.dll
21:09:23.0522 7372 FontCache - ok
21:09:23.0579 7372 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:09:23.0582 7372 FontCache3.0.0.0 - ok
21:09:23.0590 7372 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:09:23.0592 7372 FsDepends - ok
21:09:23.0622 7372 [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:09:23.0624 7372 Fs_Rec - ok
21:09:23.0648 7372 [ DAFBD9FE39197495AED6D51F3B85B5D2 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:09:23.0651 7372 fvevol - ok
21:09:23.0669 7372 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:09:23.0671 7372 gagp30kx - ok
21:09:23.0724 7372 [ 93CA4D9A0433BE0EDD0B9F2F26D5E54C ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys
21:09:23.0726 7372 ggflt - ok
21:09:23.0753 7372 [ 17E678AAB82CCDFB80E7614504933895 ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys
21:09:23.0754 7372 ggsemc - ok
21:09:23.0825 7372 [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc C:\Windows\System32\gpsvc.dll
21:09:23.0831 7372 gpsvc - ok
21:09:23.0861 7372 GPU-Z - ok
21:09:23.0982 7372 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
21:09:23.0984 7372 gupdate - ok
21:09:23.0986 7372 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
21:09:23.0987 7372 gupdatem - ok
21:09:23.0989 7372 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:09:23.0990 7372 hcw85cir - ok
21:09:24.0015 7372 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:09:24.0019 7372 HdAudAddService - ok
21:09:24.0029 7372 [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:09:24.0031 7372 HDAudBus - ok
21:09:24.0062 7372 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:09:24.0063 7372 HidBatt - ok
21:09:24.0072 7372 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:09:24.0074 7372 HidBth - ok
21:09:24.0086 7372 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:09:24.0087 7372 HidIr - ok
21:09:24.0106 7372 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
21:09:24.0108 7372 hidserv - ok
21:09:24.0141 7372 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:09:24.0142 7372 HidUsb - ok
21:09:24.0148 7372 [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:09:24.0151 7372 hkmsvc - ok
21:09:24.0177 7372 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:09:24.0180 7372 HomeGroupListener - ok
21:09:24.0190 7372 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:09:24.0194 7372 HomeGroupProvider - ok
21:09:24.0340 7372 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
21:09:24.0343 7372 hpqcxs08 - ok
21:09:24.0353 7372 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
21:09:24.0355 7372 hpqddsvc - ok
21:09:24.0360 7372 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
21:09:24.0362 7372 HpSAMD - ok
21:09:24.0432 7372 [ C3B71A7EE3ADA9E9D1A30133B9D2FC74 ] HPSLPSVC C:\Users\Rasty Kartas\AppData\Local\Temp\7zS1931\hpslpsvc32.dll
21:09:24.0439 7372 HPSLPSVC - ok
21:09:24.0496 7372 [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:09:24.0501 7372 HTTP - ok
21:09:24.0558 7372 [ 348C3A9D01E68A0222A246346924AA55 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
21:09:24.0560 7372 hwdatacard - ok
21:09:24.0581 7372 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:09:24.0582 7372 hwpolicy - ok
21:09:24.0598 7372 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
21:09:24.0600 7372 i8042prt - ok
21:09:24.0638 7372 [ E64665E2A6CAEB52C8AE6E5EB6F3FD7C ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:09:24.0642 7372 iaStor - ok
21:09:24.0686 7372 [ 902F9086295B54B516B9664327079739 ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys
21:09:24.0691 7372 iaStorA - ok
21:09:24.0693 7372 [ 13F98AAE8E9030C38A9DA7DADE6325A9 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys
21:09:24.0694 7372 iaStorF - ok
21:09:24.0735 7372 [ 71F1A494FEDF4B33C02C4A6A28D6D9E9 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:09:24.0738 7372 iaStorV - ok
21:09:24.0783 7372 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:09:24.0791 7372 idsvc - ok
21:09:25.0008 7372 [ DEFCCA620FF9EC4E9E2E1619263821A7 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
21:09:25.0190 7372 igfx - ok
21:09:25.0266 7372 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:09:25.0267 7372 iirsp - ok
21:09:25.0298 7372 [ F24395EAE5CDAAF36FDF4D9A4EF1B734 ] ikbevent C:\Windows\system32\DRIVERS\ikbevent.sys
21:09:25.0299 7372 ikbevent - ok
21:09:25.0331 7372 [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT C:\Windows\System32\ikeext.dll
21:09:25.0338 7372 IKEEXT - ok
21:09:25.0366 7372 [ D57DC259515E9F16511E6B3982C172B9 ] imsevent C:\Windows\system32\DRIVERS\imsevent.sys
21:09:25.0367 7372 imsevent - ok
21:09:25.0753 7372 [ 345AC48D17F5C2F2AA1EE50D34C3978B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
21:09:25.0780 7372 IntcAzAudAddService - ok
21:09:25.0897 7372 [ C86A9AA1CBC4C3C2C5C9DD0F6D939926 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:09:25.0901 7372 Intel(R) Capability Licensing Service Interface - ok
21:09:25.0951 7372 [ 709C8623721A1F1EF388EA75A07EC33B ] Intel(R) ME Service C:\Program Files\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
21:09:25.0953 7372 Intel(R) ME Service - ok
21:09:25.0964 7372 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
21:09:25.0966 7372 intelide - ok
21:09:25.0978 7372 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:09:25.0980 7372 intelppm - ok
21:09:25.0987 7372 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:09:25.0989 7372 IPBusEnum - ok
21:09:26.0005 7372 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:09:26.0007 7372 IpFilterDriver - ok
21:09:26.0032 7372 [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:09:26.0037 7372 iphlpsvc - ok
21:09:26.0054 7372 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
21:09:26.0056 7372 IPMIDRV - ok
21:09:26.0069 7372 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:09:26.0071 7372 IPNAT - ok
21:09:26.0093 7372 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:09:26.0095 7372 IRENUM - ok
21:09:26.0142 7372 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
21:09:26.0144 7372 isapnp - ok
21:09:26.0169 7372 [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
21:09:26.0171 7372 iScsiPrt - ok
21:09:26.0182 7372 [ 8D9E0DD04519253C17DFA0580295EEB8 ] ISCT C:\Windows\system32\DRIVERS\ISCTD.sys
21:09:26.0184 7372 ISCT - ok
21:09:26.0213 7372 [ 394A68607D63CF36D9732C953F43AF89 ] ISCTAgent C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
21:09:26.0215 7372 ISCTAgent - ok
21:09:26.0225 7372 [ DF93E36D3DABDD53A6394806AD1B9807 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:09:26.0226 7372 iusb3hcs - ok
21:09:26.0238 7372 [ 725D1248F64D56E61453F4FCDFA6A0B6 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
21:09:26.0242 7372 iusb3hub - ok
21:09:26.0266 7372 [ 5C0C8D16027229BD7FC9465124BFEC9D ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:09:26.0272 7372 iusb3xhc - ok
21:09:26.0298 7372 [ C44B44E24B929631D9D7368F5B2B40CF ] jhi_service C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:09:26.0299 7372 jhi_service - ok
21:09:26.0312 7372 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:09:26.0313 7372 kbdclass - ok
21:09:26.0335 7372 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:09:26.0337 7372 kbdhid - ok
21:09:26.0358 7372 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso C:\Windows\system32\lsass.exe
21:09:26.0360 7372 KeyIso - ok
21:09:26.0373 7372 [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:09:26.0375 7372 KSecDD - ok
21:09:26.0405 7372 [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:09:26.0407 7372 KSecPkg - ok
21:09:26.0438 7372 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
21:09:26.0443 7372 KtmRm - ok
21:09:26.0455 7372 [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer C:\Windows\system32\srvsvc.dll
21:09:26.0459 7372 LanmanServer - ok
21:09:26.0479 7372 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:09:26.0483 7372 LanmanWorkstation - ok
21:09:26.0500 7372 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:09:26.0502 7372 lltdio - ok
21:09:26.0540 7372 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:09:26.0544 7372 lltdsvc - ok
21:09:26.0560 7372 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
21:09:26.0563 7372 lmhosts - ok
21:09:26.0581 7372 [ 75F29D77B0540FCF47EE3BE000BBABDA ] LMS C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:09:26.0584 7372 LMS - ok
21:09:26.0608 7372 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:09:26.0611 7372 LSI_FC - ok
21:09:26.0613 7372 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:09:26.0614 7372 LSI_SAS - ok
21:09:26.0617 7372 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:09:26.0618 7372 LSI_SAS2 - ok
21:09:26.0625 7372 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:09:26.0627 7372 LSI_SCSI - ok
21:09:26.0636 7372 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
21:09:26.0638 7372 luafv - ok
21:09:26.0695 7372 [ 29CB85A1FE091C9D3AA3C72D66DF3E69 ] MBfilt C:\Windows\system32\drivers\MBfilt32.sys
21:09:26.0696 7372 MBfilt - ok
21:09:26.0724 7372 [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:09:26.0727 7372 Mcx2Svc - ok
21:09:26.0741 7372 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:09:26.0742 7372 megasas - ok
21:09:26.0750 7372 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:09:26.0752 7372 MegaSR - ok
21:09:26.0766 7372 [ 240D715CFE4FB8F4CDA76F6863E62334 ] MEI C:\Windows\system32\DRIVERS\HECI.sys
21:09:26.0768 7372 MEI - ok
21:09:26.0856 7372 [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
21:09:26.0857 7372 Microsoft Office Groove Audit Service - ok
21:09:26.0876 7372 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
21:09:26.0878 7372 MMCSS - ok
21:09:26.0894 7372 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
21:09:26.0895 7372 Modem - ok
21:09:26.0921 7372 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:09:26.0922 7372 monitor - ok
21:09:26.0941 7372 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:09:26.0943 7372 mouclass - ok
21:09:26.0952 7372 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:09:26.0953 7372 mouhid - ok
21:09:26.0963 7372 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:09:26.0965 7372 mountmgr - ok
21:09:27.0020 7372 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:09:27.0022 7372 MozillaMaintenance - ok
21:09:27.0041 7372 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
21:09:27.0043 7372 mpio - ok
21:09:27.0045 7372 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:09:27.0047 7372 mpsdrv - ok
21:09:27.0053 7372 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\Windows\system32\mpssvc.dll
21:09:27.0060 7372 MpsSvc - ok
21:09:27.0078 7372 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:09:27.0080 7372 MRxDAV - ok
21:09:27.0117 7372 [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:09:27.0119 7372 mrxsmb - ok
21:09:27.0129 7372 [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:09:27.0132 7372 mrxsmb10 - ok
21:09:27.0170 7372 [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:09:27.0172 7372 mrxsmb20 - ok
21:09:27.0178 7372 [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
21:09:27.0179 7372 msahci - ok
21:09:27.0189 7372 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
21:09:27.0191 7372 msdsm - ok
21:09:27.0213 7372 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
21:09:27.0216 7372 MSDTC - ok
21:09:27.0235 7372 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:09:27.0236 7372 Msfs - ok
21:09:27.0245 7372 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:09:27.0246 7372 mshidkmdf - ok
21:09:27.0248 7372 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
21:09:27.0250 7372 msisadrv - ok
21:09:27.0281 7372 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:09:27.0284 7372 MSiSCSI - ok
21:09:27.0286 7372 msiserver - ok
21:09:27.0312 7372 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:09:27.0314 7372 MSKSSRV - ok
21:09:27.0347 7372 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:09:27.0348 7372 MSPCLOCK - ok
21:09:27.0359 7372 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:09:27.0360 7372 MSPQM - ok
21:09:27.0379 7372 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:09:27.0382 7372 MsRPC - ok
21:09:27.0385 7372 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:09:27.0387 7372 mssmbios - ok
21:09:27.0401 7372 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:09:27.0402 7372 MSTEE - ok
21:09:27.0417 7372 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:09:27.0418 7372 MTConfig - ok
21:09:27.0428 7372 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
21:09:27.0430 7372 Mup - ok
21:09:27.0447 7372 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\Windows\system32\qagentRT.dll
21:09:27.0454 7372 napagent - ok
21:09:27.0477 7372 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:09:27.0480 7372 NativeWifiP - ok
21:09:27.0623 7372 [ E0E4A1F81A7D69C595A8A9DDAD084C19 ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe
21:09:27.0630 7372 NAUpdate - ok
21:09:28.0185 7372 [ B498A14133BD09AD0817590ACE4470AD ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
21:09:28.0192 7372 NBService - ok
21:09:28.0229 7372 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:09:28.0236 7372 NDIS - ok
21:09:28.0249 7372 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:09:28.0251 7372 NdisCap - ok
21:09:28.0275 7372 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:09:28.0276 7372 NdisTapi - ok
21:09:28.0297 7372 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:09:28.0299 7372 Ndisuio - ok
21:09:28.0310 7372 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:09:28.0312 7372 NdisWan - ok
21:09:28.0314 7372 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:09:28.0315 7372 NDProxy - ok
21:09:28.0364 7372 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:09:28.0366 7372 Net Driver HPZ12 - ok
21:09:28.0377 7372 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:09:28.0379 7372 NetBIOS - ok
21:09:28.0395 7372 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:09:28.0397 7372 NetBT - ok
21:09:28.0410 7372 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon C:\Windows\system32\lsass.exe
21:09:28.0412 7372 Netlogon - ok
21:09:28.0435 7372 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
21:09:28.0439 7372 Netman - ok
21:09:28.0503 7372 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:09:28.0539 7372 NetMsmqActivator - ok
21:09:28.0558 7372 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:09:28.0558 7372 NetPipeActivator - ok
21:09:28.0567 7372 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
21:09:28.0572 7372 netprofm - ok
21:09:28.0592 7372 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:09:28.0593 7372 NetTcpActivator - ok
21:09:28.0595 7372 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:09:28.0596 7372 NetTcpPortSharing - ok
21:09:28.0652 7372 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:09:28.0654 7372 nfrd960 - ok
21:09:28.0667 7372 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\Windows\System32\nlasvc.dll
21:09:28.0671 7372 NlaSvc - ok
21:09:28.0735 7372 [ A328A46D87BB92CE4D8A4528E9D84787 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
21:09:28.0738 7372 NMIndexingService - ok
21:09:28.0757 7372 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:09:28.0758 7372 Npfs - ok
21:09:28.0765 7372 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
21:09:28.0768 7372 nsi - ok
21:09:28.0774 7372 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:09:28.0775 7372 nsiproxy - ok
21:09:28.0820 7372 [ 187002CE05693C306F43C873F821381F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:09:28.0830 7372 Ntfs - ok
21:09:28.0838 7372 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
21:09:28.0839 7372 Null - ok
21:09:28.0869 7372 [ 77F9F9A199B87FE3F852E12F5419240B ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
21:09:28.0871 7372 NVHDA - ok
21:09:29.0002 7372 [ 2FA5434344AF84D73F66BA402FF78690 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:09:29.0111 7372 nvlddmkm - ok
21:09:29.0171 7372 [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:09:29.0173 7372 nvraid - ok
21:09:29.0202 7372 [ 4520B63899E867F354EE012D34E11536 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:09:29.0205 7372 nvstor - ok
21:09:29.0269 7372 [ B785320CBCF5021DE9945C803696C511 ] nvsvc C:\Windows\system32\nvvsvc.exe
21:09:29.0277 7372 nvsvc - ok
21:09:29.0360 7372 [ D2B064796C369F82E96397F721C4A29D ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
21:09:29.0371 7372 nvUpdatusService - ok
21:09:29.0425 7372 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
21:09:29.0427 7372 nv_agp - ok
21:09:29.0654 7372 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:09:29.0658 7372 odserv - ok
21:09:29.0690 7372 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
21:09:29.0691 7372 ohci1394 - ok
21:09:29.0758 7372 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:09:29.0760 7372 ose - ok
21:09:29.0881 7372 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:09:29.0886 7372 p2pimsvc - ok
21:09:29.0903 7372 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
21:09:29.0908 7372 p2psvc - ok
21:09:29.0964 7372 [ 01907300EB52206B06FACB9608F369A9 ] PanService C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
21:09:29.0969 7372 PanService - ok
21:09:30.0024 7372 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:09:30.0026 7372 Parport - ok
21:07:57.0215 3156 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:07:57.0405 3156 ============================================================
21:07:57.0405 3156 Current date / time: 2013/04/23 21:07:57.0404
21:07:57.0405 3156 SystemInfo:
21:07:57.0405 3156
21:07:57.0405 3156 OS Version: 6.1.7600 ServicePack: 0.0
21:07:57.0405 3156 Product type: Workstation
21:07:57.0405 3156 ComputerName: RASTY-KARTAS-PC
21:07:57.0405 3156 UserName: Rasty Kartas
21:07:57.0405 3156 Windows directory: C:\Windows
21:07:57.0405 3156 System windows directory: C:\Windows
21:07:57.0405 3156 Processor architecture: Intel x86
21:07:57.0405 3156 Number of processors: 4
21:07:57.0405 3156 Page size: 0x1000
21:07:57.0405 3156 Boot type: Normal boot
21:07:57.0405 3156 ============================================================
21:08:00.0633 3156 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:08:00.0651 3156 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:08:00.0666 3156 Drive \Device\Harddisk2\DR3 - Size: 0xE8B6F00000 (930.86 Gb), SectorSize: 0x200, Cylinders: 0x1DAAB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:08:00.0667 3156 ============================================================
21:08:00.0667 3156 \Device\Harddisk1\DR1:
21:08:00.0668 3156 MBR partitions:
21:08:00.0668 3156 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF93782
21:08:00.0668 3156 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xDF93800, BlocksNum 0xDAE77B82
21:08:00.0668 3156 \Device\Harddisk0\DR0:
21:08:00.0693 3156 MBR partitions:
21:08:00.0693 3156 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
21:08:00.0693 3156 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A7966, BlocksNum 0x341DD2DB
21:08:00.0693 3156 \Device\Harddisk2\DR3:
21:08:00.0693 3156 MBR partitions:
21:08:00.0693 3156 \Device\Harddisk2\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x745B7000
21:08:00.0693 3156 ============================================================
21:08:00.0724 3156 C: <-> \Device\Harddisk1\DR1\Partition1
21:08:00.0740 3156 A: <-> \Device\Harddisk0\DR0\Partition1
21:08:00.0813 3156 H: <-> \Device\Harddisk1\DR1\Partition2
21:08:00.0855 3156 D: <-> \Device\Harddisk0\DR0\Partition2
21:08:00.0895 3156 J: <-> \Device\Harddisk2\DR3\Partition1
21:08:00.0895 3156 ============================================================
21:08:00.0895 3156 Initialize success
21:08:00.0895 3156 ============================================================
21:09:17.0386 7372 ============================================================
21:09:17.0386 7372 Scan started
21:09:17.0386 7372 Mode: Manual;
21:09:17.0386 7372 ============================================================
21:09:18.0817 7372 ================ Scan system memory ========================
21:09:18.0817 7372 System memory - ok
21:09:18.0817 7372 ================ Scan services =============================
21:09:24.0151 7372 hkmsvc - ok
21:09:24.0177 7372 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:09:24.0180 7372 HomeGroupListener - ok
21:09:24.0190 7372 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:09:24.0194 7372 HomeGroupProvider - ok
21:09:24.0340 7372 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
21:09:24.0343 7372 hpqcxs08 - ok
21:09:24.0353 7372 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
21:09:24.0355 7372 hpqddsvc - ok
21:09:24.0360 7372 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
21:09:24.0362 7372 HpSAMD - ok
21:09:24.0432 7372 [ C3B71A7EE3ADA9E9D1A30133B9D2FC74 ] HPSLPSVC C:\Users\Rasty Kartas\AppData\Local\Temp\7zS1931\hpslpsvc32.dll
21:09:24.0439 7372 HPSLPSVC - ok
21:09:24.0496 7372 [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:09:24.0501 7372 HTTP - ok
21:09:24.0558 7372 [ 348C3A9D01E68A0222A246346924AA55 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
21:09:24.0560 7372 hwdatacard - ok
21:09:24.0581 7372 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:09:24.0582 7372 hwpolicy - ok
21:09:24.0598 7372 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
21:09:24.0600 7372 i8042prt - ok
21:09:24.0638 7372 [ E64665E2A6CAEB52C8AE6E5EB6F3FD7C ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:09:24.0642 7372 iaStor - ok
21:09:24.0686 7372 [ 902F9086295B54B516B9664327079739 ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys
21:09:24.0691 7372 iaStorA - ok
21:09:24.0693 7372 [ 13F98AAE8E9030C38A9DA7DADE6325A9 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys
21:09:24.0694 7372 iaStorF - ok
21:09:24.0735 7372 [ 71F1A494FEDF4B33C02C4A6A28D6D9E9 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:09:24.0738 7372 iaStorV - ok
21:09:24.0783 7372 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:09:24.0791 7372 idsvc - ok
21:09:25.0008 7372 [ DEFCCA620FF9EC4E9E2E1619263821A7 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
21:09:25.0190 7372 igfx - ok
21:09:25.0266 7372 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:09:25.0267 7372 iirsp - ok
21:09:25.0298 7372 [ F24395EAE5CDAAF36FDF4D9A4EF1B734 ] ikbevent C:\Windows\system32\DRIVERS\ikbevent.sys
21:09:25.0299 7372 ikbevent - ok
21:09:25.0331 7372 [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT C:\Windows\System32\ikeext.dll
21:09:25.0338 7372 IKEEXT - ok
21:09:25.0366 7372 [ D57DC259515E9F16511E6B3982C172B9 ] imsevent C:\Windows\system32\DRIVERS\imsevent.sys
21:09:25.0367 7372 imsevent - ok
21:09:25.0753 7372 [ 345AC48D17F5C2F2AA1EE50D34C3978B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
21:09:25.0780 7372 IntcAzAudAddService - ok
21:09:25.0897 7372 [ C86A9AA1CBC4C3C2C5C9DD0F6D939926 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:09:25.0901 7372 Intel(R) Capability Licensing Service Interface - ok
21:09:25.0951 7372 [ 709C8623721A1F1EF388EA75A07EC33B ] Intel(R) ME Service C:\Program Files\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
21:09:25.0953 7372 Intel(R) ME Service - ok
21:09:25.0964 7372 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
21:09:25.0966 7372 intelide - ok
21:09:25.0978 7372 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:09:25.0980 7372 intelppm - ok
21:09:25.0987 7372 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:09:25.0989 7372 IPBusEnum - ok
21:09:26.0005 7372 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:09:26.0007 7372 IpFilterDriver - ok
21:09:26.0032 7372 [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:09:26.0037 7372 iphlpsvc - ok
21:09:26.0054 7372 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
21:09:26.0056 7372 IPMIDRV - ok
21:09:26.0069 7372 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:09:26.0071 7372 IPNAT - ok
21:09:26.0093 7372 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:09:26.0095 7372 IRENUM - ok
21:09:26.0142 7372 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
21:09:26.0144 7372 isapnp - ok
21:09:26.0169 7372 [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
21:09:26.0171 7372 iScsiPrt - ok
21:09:26.0182 7372 [ 8D9E0DD04519253C17DFA0580295EEB8 ] ISCT C:\Windows\system32\DRIVERS\ISCTD.sys
21:09:26.0184 7372 ISCT - ok
21:09:26.0213 7372 [ 394A68607D63CF36D9732C953F43AF89 ] ISCTAgent C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
21:09:26.0215 7372 ISCTAgent - ok
21:09:26.0225 7372 [ DF93E36D3DABDD53A6394806AD1B9807 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:09:26.0226 7372 iusb3hcs - ok
21:09:26.0238 7372 [ 725D1248F64D56E61453F4FCDFA6A0B6 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
21:09:26.0242 7372 iusb3hub - ok
21:09:26.0266 7372 [ 5C0C8D16027229BD7FC9465124BFEC9D ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:09:26.0272 7372 iusb3xhc - ok
21:09:26.0298 7372 [ C44B44E24B929631D9D7368F5B2B40CF ] jhi_service C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:09:26.0299 7372 jhi_service - ok
21:09:26.0312 7372 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:09:26.0313 7372 kbdclass - ok
21:09:26.0335 7372 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:09:26.0337 7372 kbdhid - ok
21:09:26.0358 7372 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso C:\Windows\system32\lsass.exe
21:09:26.0360 7372 KeyIso - ok
21:09:26.0373 7372 [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:09:26.0375 7372 KSecDD - ok
21:09:26.0405 7372 [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:09:26.0407 7372 KSecPkg - ok
21:09:26.0438 7372 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
21:09:26.0443 7372 KtmRm - ok
21:09:26.0455 7372 [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer C:\Windows\system32\srvsvc.dll
21:09:26.0459 7372 LanmanServer - ok
21:09:26.0479 7372 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:09:26.0483 7372 LanmanWorkstation - ok
21:09:26.0500 7372 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:09:26.0502 7372 lltdio - ok
21:09:26.0540 7372 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:09:26.0544 7372 lltdsvc - ok
21:09:26.0560 7372 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
21:09:26.0563 7372 lmhosts - ok
21:09:26.0581 7372 [ 75F29D77B0540FCF47EE3BE000BBABDA ] LMS C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:09:26.0584 7372 LMS - ok
21:09:26.0608 7372 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:09:26.0611 7372 LSI_FC - ok
21:09:26.0613 7372 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:09:26.0614 7372 LSI_SAS - ok
21:09:26.0617 7372 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:09:26.0618 7372 LSI_SAS2 - ok
21:09:26.0625 7372 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:09:26.0627 7372 LSI_SCSI - ok
21:09:26.0636 7372 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
21:09:26.0638 7372 luafv - ok
21:09:26.0695 7372 [ 29CB85A1FE091C9D3AA3C72D66DF3E69 ] MBfilt C:\Windows\system32\drivers\MBfilt32.sys
21:09:26.0696 7372 MBfilt - ok
21:09:26.0724 7372 [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:09:26.0727 7372 Mcx2Svc - ok
21:09:26.0741 7372 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:09:26.0742 7372 megasas - ok
21:09:26.0750 7372 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:09:26.0752 7372 MegaSR - ok
21:09:26.0766 7372 [ 240D715CFE4FB8F4CDA76F6863E62334 ] MEI C:\Windows\system32\DRIVERS\HECI.sys
21:09:26.0768 7372 MEI - ok
21:09:26.0856 7372 [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
21:09:26.0857 7372 Microsoft Office Groove Audit Service - ok
21:09:26.0876 7372 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
21:09:26.0878 7372 MMCSS - ok
21:09:26.0894 7372 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
21:09:26.0895 7372 Modem - ok
21:09:26.0921 7372 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:09:26.0922 7372 monitor - ok
21:09:26.0941 7372 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:09:26.0943 7372 mouclass - ok
21:09:26.0952 7372 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:09:26.0953 7372 mouhid - ok
21:09:26.0963 7372 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:09:26.0965 7372 mountmgr - ok
21:09:27.0020 7372 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:09:27.0022 7372 MozillaMaintenance - ok
21:09:27.0041 7372 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
21:09:27.0043 7372 mpio - ok
21:09:27.0045 7372 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:09:27.0047 7372 mpsdrv - ok
21:09:27.0053 7372 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\Windows\system32\mpssvc.dll
21:09:27.0060 7372 MpsSvc - ok
21:09:27.0078 7372 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:09:27.0080 7372 MRxDAV - ok
21:09:27.0117 7372 [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:09:27.0119 7372 mrxsmb - ok
21:09:27.0129 7372 [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:09:27.0132 7372 mrxsmb10 - ok
21:09:27.0170 7372 [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:09:27.0172 7372 mrxsmb20 - ok
21:09:27.0178 7372 [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
21:09:27.0179 7372 msahci - ok
21:09:27.0189 7372 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
21:09:27.0191 7372 msdsm - ok
21:09:27.0213 7372 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
21:09:27.0216 7372 MSDTC - ok
21:09:27.0235 7372 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:09:27.0236 7372 Msfs - ok
21:09:27.0245 7372 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:09:27.0246 7372 mshidkmdf - ok
21:09:27.0248 7372 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
21:09:27.0250 7372 msisadrv - ok
21:09:27.0281 7372 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:09:27.0284 7372 MSiSCSI - ok
21:09:27.0286 7372 msiserver - ok
21:09:27.0312 7372 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:09:27.0314 7372 MSKSSRV - ok
21:09:27.0347 7372 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:09:27.0348 7372 MSPCLOCK - ok
21:09:27.0359 7372 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:09:27.0360 7372 MSPQM - ok
21:09:27.0379 7372 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:09:27.0382 7372 MsRPC - ok
21:09:27.0385 7372 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:09:27.0387 7372 mssmbios - ok
21:09:27.0401 7372 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:09:27.0402 7372 MSTEE - ok
21:09:27.0417 7372 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:09:27.0418 7372 MTConfig - ok
21:09:27.0428 7372 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
21:09:27.0430 7372 Mup - ok
21:09:27.0447 7372 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\Windows\system32\qagentRT.dll
21:09:27.0454 7372 napagent - ok
21:09:27.0477 7372 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:09:27.0480 7372 NativeWifiP - ok
21:09:27.0623 7372 [ E0E4A1F81A7D69C595A8A9DDAD084C19 ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe
21:09:27.0630 7372 NAUpdate - ok
21:09:28.0185 7372 [ B498A14133BD09AD0817590ACE4470AD ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
21:09:28.0192 7372 NBService - ok
21:09:28.0229 7372 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:09:28.0236 7372 NDIS - ok
21:09:28.0249 7372 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:09:28.0251 7372 NdisCap - ok
21:09:28.0275 7372 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:09:28.0276 7372 NdisTapi - ok
21:09:28.0297 7372 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:09:28.0299 7372 Ndisuio - ok
21:09:28.0310 7372 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:09:28.0312 7372 NdisWan - ok
21:09:28.0314 7372 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:09:28.0315 7372 NDProxy - ok
21:09:28.0364 7372 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:09:28.0366 7372 Net Driver HPZ12 - ok
21:09:28.0377 7372 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:09:28.0379 7372 NetBIOS - ok
21:09:28.0395 7372 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:09:28.0397 7372 NetBT - ok
21:09:28.0410 7372 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon C:\Windows\system32\lsass.exe
21:09:28.0412 7372 Netlogon - ok
21:09:28.0435 7372 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
21:09:28.0439 7372 Netman - ok
21:09:28.0503 7372 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:09:28.0539 7372 NetMsmqActivator - ok
21:09:28.0558 7372 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:09:28.0558 7372 NetPipeActivator - ok
21:09:28.0567 7372 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
21:09:28.0572 7372 netprofm - ok
21:09:28.0592 7372 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:09:28.0593 7372 NetTcpActivator - ok
21:09:28.0595 7372 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:09:28.0596 7372 NetTcpPortSharing - ok
21:09:28.0652 7372 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:09:28.0654 7372 nfrd960 - ok
21:09:28.0667 7372 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\Windows\System32\nlasvc.dll
21:09:28.0671 7372 NlaSvc - ok
21:09:28.0735 7372 [ A328A46D87BB92CE4D8A4528E9D84787 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
21:09:28.0738 7372 NMIndexingService - ok
21:09:28.0757 7372 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:09:28.0758 7372 Npfs - ok
21:09:28.0765 7372 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
21:09:28.0768 7372 nsi - ok
21:09:28.0774 7372 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:09:28.0775 7372 nsiproxy - ok
21:09:28.0820 7372 [ 187002CE05693C306F43C873F821381F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:09:28.0830 7372 Ntfs - ok
21:09:28.0838 7372 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
21:09:28.0839 7372 Null - ok
21:09:28.0869 7372 [ 77F9F9A199B87FE3F852E12F5419240B ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
21:09:28.0871 7372 NVHDA - ok
21:09:29.0002 7372 [ 2FA5434344AF84D73F66BA402FF78690 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:09:29.0111 7372 nvlddmkm - ok
21:09:29.0171 7372 [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:09:29.0173 7372 nvraid - ok
21:09:29.0202 7372 [ 4520B63899E867F354EE012D34E11536 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:09:29.0205 7372 nvstor - ok
21:09:29.0269 7372 [ B785320CBCF5021DE9945C803696C511 ] nvsvc C:\Windows\system32\nvvsvc.exe
21:09:29.0277 7372 nvsvc - ok
21:09:29.0360 7372 [ D2B064796C369F82E96397F721C4A29D ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
21:09:29.0371 7372 nvUpdatusService - ok
21:09:29.0425 7372 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
21:09:29.0427 7372 nv_agp - ok
21:09:29.0654 7372 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:09:29.0658 7372 odserv - ok
21:09:29.0690 7372 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
21:09:29.0691 7372 ohci1394 - ok
21:09:29.0758 7372 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:09:29.0760 7372 ose - ok
21:09:29.0881 7372 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:09:29.0886 7372 p2pimsvc - ok
21:09:29.0903 7372 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
21:09:29.0908 7372 p2psvc - ok
21:09:29.0964 7372 [ 01907300EB52206B06FACB9608F369A9 ] PanService C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
21:09:29.0969 7372 PanService - ok
21:09:30.0024 7372 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:09:30.0026 7372 Parport - ok
21:09:30.0060 7372 [ 66D3415C159741ADE7038A277EFFF99F ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:09:30.0061 7372 partmgr - ok
21:09:30.0075 7372 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
21:09:30.0076 7372 Parvdm - ok
21:09:30.0086 7372 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:09:30.0089 7372 PcaSvc - ok
21:09:30.0134 7372 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
21:09:30.0135 7372 pccsmcfd - ok
21:09:30.0148 7372 [ C858CB77C577780ECC456A892E7E7D0F ] pci C:\Windows\system32\DRIVERS\pci.sys
21:09:30.0150 7372 pci - ok
21:09:30.0173 7372 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\DRIVERS\pciide.sys
21:09:30.0174 7372 pciide - ok
21:09:30.0195 7372 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:09:30.0198 7372 pcmcia - ok
21:09:30.0200 7372 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
21:09:30.0201 7372 pcw - ok
21:09:30.0224 7372 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:09:30.0229 7372 PEAUTH - ok
21:09:30.0291 7372 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
21:09:30.0302 7372 PeerDistSvc - ok
21:09:30.0341 7372 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll
21:09:30.0355 7372 pla - ok
21:09:30.0392 7372 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:09:30.0398 7372 PlugPlay - ok
21:09:30.0436 7372 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:09:30.0438 7372 Pml Driver HPZ12 - ok
21:09:30.0491 7372 [ 831883B107684301F48ACE752C963984 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
21:09:30.0494 7372 PnkBstrA - ok
21:09:30.0504 7372 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:09:30.0508 7372 PNRPAutoReg - ok
21:09:30.0512 7372 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:09:30.0515 7372 PNRPsvc - ok
21:09:30.0549 7372 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:09:30.0554 7372 PolicyAgent - ok
21:09:30.0569 7372 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll
21:09:30.0573 7372 Power - ok
21:09:30.0587 7372 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:09:30.0590 7372 PptpMiniport - ok
21:09:30.0619 7372 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:09:30.0621 7372 Processor - ok
21:09:30.0636 7372 [ AEA3BDBDBA667AA6F678CB38907E4F5E ] ProfSvc C:\Windows\system32\profsvc.dll
21:09:30.0640 7372 ProfSvc - ok
21:09:30.0654 7372 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:09:30.0656 7372 ProtectedStorage - ok
21:09:30.0662 7372 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:09:30.0664 7372 Psched - ok
21:09:30.0694 7372 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:09:30.0705 7372 ql2300 - ok
21:09:30.0717 7372 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:09:30.0719 7372 ql40xx - ok
21:09:30.0728 7372 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
21:09:30.0733 7372 QWAVE - ok
21:09:30.0743 7372 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:09:30.0745 7372 QWAVEdrv - ok
21:09:30.0823 7372 [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
21:09:30.0825 7372 RapiMgr - ok
21:09:30.0842 7372 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:09:30.0844 7372 RasAcd - ok
21:09:30.0862 7372 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:09:30.0864 7372 RasAgileVpn - ok
21:09:30.0878 7372 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
21:09:30.0882 7372 RasAuto - ok
21:09:30.0895 7372 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:09:30.0896 7372 Rasl2tp - ok
21:09:30.0907 7372 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\Windows\System32\rasmans.dll
21:09:30.0912 7372 RasMan - ok
21:09:30.0921 7372 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:09:30.0923 7372 RasPppoe - ok
21:09:30.0930 7372 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:09:30.0932 7372 RasSstp - ok
21:09:30.0947 7372 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:09:30.0950 7372 rdbss - ok
21:09:30.0963 7372 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:09:30.0964 7372 rdpbus - ok
21:09:30.0974 7372 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:09:30.0975 7372 RDPCDD - ok
21:09:31.0006 7372 [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:09:31.0008 7372 RDPDR - ok
21:09:31.0010 7372 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:09:31.0011 7372 RDPENCDD - ok
21:09:31.0015 7372 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:09:31.0016 7372 RDPREFMP - ok
21:09:31.0059 7372 [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:09:31.0062 7372 RDPWD - ok
21:09:31.0082 7372 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:09:31.0085 7372 rdyboost - ok
21:09:31.0156 7372 [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
21:09:31.0157 7372 RealNetworks Downloader Resolver Service - ok
21:09:31.0184 7372 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
21:09:31.0187 7372 RemoteAccess - ok
21:09:31.0190 7372 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:09:31.0194 7372 RemoteRegistry - ok
21:09:31.0208 7372 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:09:31.0211 7372 RpcEptMapper - ok
21:09:31.0224 7372 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
21:09:31.0226 7372 RpcLocator - ok
21:09:31.0246 7372 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll
21:09:31.0250 7372 RpcSs - ok
21:09:31.0260 7372 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:09:31.0262 7372 rspndr - ok
21:09:31.0305 7372 [ 3849D5D73BDD9B7BC4E3305DDC345B2C ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
21:09:31.0310 7372 RTL8167 - ok
21:09:31.0772 7372 [ 5423D8437051E89DD34749F242C98648 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
21:09:31.0774 7372 s3cap - ok
21:09:31.0776 7372 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs C:\Windows\system32\lsass.exe
21:09:31.0778 7372 SamSs - ok
21:09:31.0798 7372 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
21:09:31.0800 7372 sbp2port - ok
21:09:31.0811 7372 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:09:31.0815 7372 SCardSvr - ok
21:09:31.0820 7372 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:09:31.0821 7372 scfilter - ok
21:09:31.0922 7372 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\Windows\system32\schedsvc.dll
21:09:31.0930 7372 Schedule - ok
21:09:32.0153 7372 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll
21:09:32.0154 7372 SCPolicySvc - ok
21:09:32.0165 7372 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:09:32.0168 7372 SDRSVC - ok
21:09:32.0171 7372 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:09:32.0172 7372 secdrv - ok
21:09:32.0185 7372 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
21:09:32.0188 7372 seclogon - ok
21:09:32.0197 7372 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
21:09:32.0200 7372 SENS - ok
21:09:32.0212 7372 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:09:32.0215 7372 SensrSvc - ok
21:09:32.0229 7372 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:09:32.0230 7372 Serenum - ok
21:09:32.0241 7372 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:09:32.0243 7372 Serial - ok
21:09:32.0269 7372 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:09:32.0270 7372 sermouse - ok
21:09:32.0420 7372 [ 3EC8DE67B1C78C31E54C0F030E6BD7D5 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
21:09:32.0426 7372 ServiceLayer - ok
21:09:32.0432 7372 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll
21:09:32.0436 7372 SessionEnv - ok
21:09:38.0765 7372 ============================================================
21:09:38.0765 7372 Scan finished
21:09:38.0765 7372 ============================================================
21:09:38.0770 1868 Detected object count: 0
21:09:38.0770 1868 Actual detected object count: 0
21:10:23.0688 7276 Deinitialize success
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
ComboFix log:
ComboFix 13-04-23.02 - Rasty Kartas 23.04.2013 22:56:55.1.4 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3233.1669 [GMT 2:00]
Spuštěný z: c:\users\Rasty Kartas\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\MW
c:\program files\MW\background.ole
c:\program files\MW\mw.themepack
c:\program files\MW\NO.bmp
c:\program files\MW\Uninstall.exe
c:\program files\MW\Uninstall.ini
c:\program files\MW\YES_on.bmp
c:\users\Rasty Kartas\AppData\Local\Temp\7zS1931\HPSLPSVC32.DLL
c:\users\RASTYK~1\AppData\Local\Temp\7zS1931\HPSLPSVC32.DLL
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\RazorDOX
c:\windows\RazorDOX\RazorDOX.dll
c:\windows\system32\muzapp.exe
c:\windows\system32\pt
c:\windows\system32\pt\AuthFWSnapIn.Resources.dll
c:\windows\system32\pt\AuthFWWizFwk.Resources.dll
c:\windows\system32\pt\Narrator.resources.dll
c:\windows\system32\WPRO_41_2001woem.tmp
D:\install.exe
H:\svchost.exe
J:\Autorun.inf
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_HPSLPSVC
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-23 do 2013-04-23 )))))))))))))))))))))))))))))))
.
.
2013-04-23 21:12 . 2013-04-23 21:12 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-04-23 21:12 . 2013-04-23 21:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-23 11:10 . 2013-04-23 11:10 -------- d-----w- c:\users\Rasty Kartas\AppData\Roaming\Unity
2013-04-23 10:19 . 2013-04-23 10:19 -------- d-----w- c:\users\Rasty Kartas\AppData\Local\Unity
2013-04-19 21:27 . 2013-04-19 21:27 -------- d-----w- c:\users\Rasty Kartas\AppData\Roaming\Malwarebytes
2013-04-19 21:27 . 2013-04-19 21:27 -------- d-----w- c:\programdata\Malwarebytes
2013-04-19 21:27 . 2013-04-19 21:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-04-19 21:27 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-04-19 14:53 . 2013-04-19 14:53 388096 ----a-r- c:\users\Rasty Kartas\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-04-19 14:53 . 2013-04-19 14:53 -------- d-----w- c:\program files\Trend Micro
2013-04-14 17:52 . 2012-07-03 15:25 28008 ----a-w- c:\windows\system32\nvhdap32.dll
2013-04-14 17:52 . 2012-07-03 15:25 149352 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2013-04-14 17:52 . 2012-07-03 07:37 884072 ----a-w- c:\windows\system32\nvhdagenco3220103.dll
2013-04-14 17:52 . 2012-12-29 10:26 1017272 ----a-w- c:\windows\system32\nvdispco32.dll
2013-04-14 17:52 . 2012-12-29 10:26 8904632 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-04-14 17:52 . 2012-12-29 10:26 889784 ----a-w- c:\windows\system32\nvdispgenco32.dll
2013-04-14 17:52 . 2012-12-29 10:26 7931896 ----a-w- c:\windows\system32\nvcuda.dll
2013-04-14 17:52 . 2012-12-29 10:26 2720696 ----a-w- c:\windows\system32\nvcuvid.dll
2013-04-14 17:52 . 2012-12-29 10:26 20450232 ----a-w- c:\windows\system32\nvoglv32.dll
2013-04-14 17:52 . 2012-12-29 10:26 1985976 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-04-14 17:52 . 2012-12-29 10:26 17560504 ----a-w- c:\windows\system32\nvcompiler.dll
2013-04-11 04:59 . 2013-04-11 04:59 -------- d-----w- c:\users\Rasty Kartas\AppData\Roaming\Sony Creative Software Inc
2013-04-06 19:31 . 2013-04-16 14:32 -------- d-----w- C:\Superstar 2013
2013-04-04 03:03 . 2013-04-04 03:13 -------- d-----w- c:\users\Rasty Kartas\AppData\Local\Anvil Studio
2013-04-04 02:39 . 2013-04-04 02:46 -------- d-----w- c:\program files\TallStick
2013-04-01 12:40 . 2013-04-01 12:46 -------- d-----w- c:\program files\Common Files\Nero
2013-03-31 23:08 . 2013-03-31 23:08 -------- d-----w- c:\program files\AGEIA Technologies
2013-03-31 23:06 . 2013-04-14 17:55 -------- d-----w- c:\windows\system32\NV
2013-03-31 22:59 . 2012-12-29 10:26 6263784 ----a-w- c:\windows\system32\nvopencl.dll
2013-03-31 22:59 . 2013-03-15 05:46 892704 ----a-w- c:\windows\system32\nvdispgenco3231422.dll
2013-03-31 22:59 . 2013-03-15 05:46 1012512 ----a-w- c:\windows\system32\nvdispco3231422.dll
2013-03-31 22:59 . 2012-12-29 10:26 201728 ----a-w- c:\windows\system32\nvinit.dll
2013-03-29 21:15 . 2013-04-23 19:18 -------- d-----w- c:\program files\Common Files\Steam
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-23 21:04 . 2013-04-23 13:43 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E8F45F8F-25EA-49D8-B5BD-9415C0C3E7EE}\offreg.dll
2013-04-14 19:25 . 2013-03-11 02:04 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-14 19:25 . 2013-03-11 02:04 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-10 03:08 . 2013-04-22 20:33 6906960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E8F45F8F-25EA-49D8-B5BD-9415C0C3E7EE}\mpengine.dll
2013-03-14 20:42 . 2013-03-14 20:42 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-14 20:41 . 2012-08-06 16:25 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-14 20:41 . 2012-08-06 16:25 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-11 23:10 . 2012-08-02 17:25 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-03-11 05:07 . 2013-03-11 05:07 1336832 ----a-w- C:\pecsetup.exe
2013-03-11 01:14 . 2013-03-11 01:14 1197784 ----a-w- C:\Adobe_Flash_Player_11.4.402.287_Downloader.exe
2013-03-11 01:10 . 2013-03-11 01:09 15846768 ----a-w- C:\install_flash_player_11_active_x_1.exe
2013-03-11 01:09 . 2013-03-11 01:09 16473456 ----a-w- C:\install_flash_player_11_plugin_1.exe
2013-03-11 01:09 . 2013-03-11 01:09 701808 ----a-w- C:\uninstall_flash_player.exe
2013-03-11 00:47 . 2013-03-11 00:41 32545076 ----a-w- C:\flash10.zip
2013-03-11 00:43 . 2013-03-11 00:39 21903026 ----a-w- C:\flash8.zip
2013-03-11 00:38 . 2013-03-11 00:38 633217 ----a-w- C:\flash2.zip
2013-03-10 23:10 . 2013-03-10 23:10 1004952 ----a-w- C:\install_flashplayer11x32_mssd_aih_2.exe
2013-03-10 23:09 . 2013-03-10 23:09 1004608 ----a-w- C:\install_flashplayer11x32_mssd_aih_1.exe
2013-03-10 23:08 . 2013-03-10 23:07 15846768 ----a-w- C:\install_flash_player_11_active_x.exe
2013-03-10 23:03 . 2013-03-10 23:01 16473456 ----a-w- C:\install_flash_player_11_plugin.exe
2013-03-10 23:00 . 2013-03-10 23:00 1004952 ----a-w- C:\install_flashplayer11x32_mssd_aih.exe
2013-03-06 23:33 . 2013-03-17 23:46 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 23:33 . 2013-03-17 23:46 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 23:33 . 2012-08-03 09:41 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2012-08-03 09:41 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-08-03 09:41 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2012-08-03 09:41 60656 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2012-08-03 09:41 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:33 . 2012-08-03 09:41 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2012-08-03 09:40 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2012-08-03 09:40 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-20 23:56 . 2013-02-20 23:56 695383 ----a-w- C:\PSXeven_v0.19-1717.zip
2013-02-20 23:43 . 2013-02-20 23:42 3639 ----a-w- c:\windows\VGSCDAPI.VXD
2013-02-20 21:27 . 2013-02-20 21:27 56777 ----a-w- C:\zlib1.zip
2013-02-20 21:26 . 2013-02-20 21:26 81186 ----a-w- C:\zlib123-dll.zip
2013-02-20 20:57 . 2013-02-20 20:57 242846 ----a-w- C:\bios.zip
2013-02-20 17:46 . 2013-02-20 17:45 2824160 ----a-w- C:\PSX BIOS PACK.zip
2013-02-20 17:42 . 2013-02-20 17:42 241675 ----a-w- C:\SCPH7003.zip
2013-02-20 17:41 . 2013-02-20 17:41 250029 ----a-w- C:\Scph1000.zip
2013-02-20 17:41 . 2013-02-20 17:41 241658 ----a-w- C:\SCPH1001.zip
2013-02-20 17:23 . 2013-02-20 17:23 286473 ----a-w- C:\Scph7502_BIOS.zip
2013-02-20 17:22 . 2013-02-20 17:22 250029 ----a-w- C:\Scph1000_Bios.zip
2013-02-20 17:22 . 2013-02-20 17:22 241658 ----a-w- C:\PSX_Bios_SCPH1001.zip
2013-02-20 17:22 . 2013-02-20 17:22 286195 ----a-w- C:\PSX_Bios_41a.zip
2013-02-20 17:22 . 2013-02-20 17:22 480462 ----a-w- C:\PSO.zip
2013-02-20 16:47 . 2013-02-20 16:47 3889192 ----a-w- C:\PSX.zip
2013-02-18 23:49 . 2013-02-18 23:49 352256 ----a-w- c:\windows\eSellerateEngine.dll
2013-02-12 21:05 . 2013-02-12 20:58 15499620 ----a-w- C:\Crank.zip
2013-01-31 15:54 . 2012-11-20 23:47 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-01-31 15:54 . 2012-12-14 08:28 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-01-24 19:57 . 2009-05-21 18:21 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-01-24 19:57 . 2009-05-21 16:57 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-04-11 19:27 . 2013-04-11 19:27 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{2adefb8e-b923-35e6-86e2-2b7841f5d6a4}]
2009-11-25 10:47 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\bin\postak.exe" [2012-01-10 491040]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2013-04-13 802136]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"OscarX7Mouse5Mode"="c:\program files\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" [2011-10-21 3518976]
"Steam"="h:\hry\Steam\steam.exe" [2013-04-19 1631144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-12 144152]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-12 179992]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-12 188184]
"USB3MON"="c:\program files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608]
"XFastUSB"="c:\program files\XFastUSB\XFastUsb.exe" [2012-08-02 5019360]
"OFFICEKB"="c:\program files\Labtec\Keyboard\V5.1\kbdap32a.exe" [2012-08-02 387584]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"SysMetrix"="c:\program files\SysMetrix\SysMetrix.exe" [2006-02-25 2637824]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-10-17 11430504]
"RPCResolver"="c:\archive\data\WinINIT.vbs" [2012-10-03 192]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2013-01-24 295072]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Samsung.PCSync"="c:\program files\Samsung\Samsung PC Studio 7\PcSync2.exe" [2009-06-04 1294336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\nvinit.dll
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Steam"="d:\hry\Steam\steam.exe" -silent
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"THXCfg32"=c:\windows\system32\RunDLL32.exe c:\windows\system32\THXCfg32.dll,RunDLLEntry THXCfg32
"VIRTU MVP"=c:\program files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe /hide
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"hpqSRMon"=c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"CmPCIaudio"=RunDll32 CMICNFG3.cpl,CMICtrlWnd
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" -osboot
"UpdReg"=c:\windows\UpdReg.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiSpyWareDisableNotify"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiSpywareOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R2 Intel(R) ME Service;Intel(R) ME Service;c:\program files\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 aswVmm;aswVmm; [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 GPU-Z;GPU-Z;c:\users\RASTYK~1\AppData\Local\Temp\GPU-Z.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\Drivers\VMUVC.sys [x]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 asahci32;asahci32;c:\windows\system32\DRIVERS\asahci32.sys [x]
S0 AsrRamDisk;AsrRamDisk;c:\windows\system32\DRIVERS\AsrRamDisk.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
S2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ALSysIO;ALSysIO;c:\users\RASTYK~1\AppData\Local\Temp\ALSysIO.sys [x]
S3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt32.sys [x]
S3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECI.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - WPRO_41_2001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPService REG_MULTI_SZ HPSLPSVC
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 15:22 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-21 12:16]
.
2013-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-21 12:16]
.
2013-04-20 c:\windows\Tasks\ReclaimerUpdateFiles_Rasty Kartas.job
- c:\users\Rasty Kartas\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe [2013-03-26 01:43]
.
2013-04-21 c:\windows\Tasks\ReclaimerUpdateXML_Rasty Kartas.job
- c:\users\Rasty Kartas\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe [2013-03-26 01:43]
.
2013-04-23 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_Rasty Kartas.job
- c:\users\Rasty Kartas\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe [2013-03-26 01:43]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - c:\program files\Verdict Free\etnxp.dll
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - c:\program files\Verdict Free\etnxp.dll
TCP: DhcpNameServer = 192.168.1.10
FF - ProfilePath - c:\users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - ExtSQL: 2013-03-11 16:06; jid0-irAmugmQgdURBSCIFZAcjR8ZQMg@jetpack; c:\users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\extensions\jid0-irAmugmQgdURBSCIFZAcjR8ZQMg@jetpack.xpi
FF - ExtSQL: 2013-03-16 02:40; {1018e4d6-728f-4b20-ad56-37578a4de76b}; c:\users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF - ExtSQL: !HIDDEN! 2012-08-10 21:39; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - ExtSQL: !HIDDEN! 2013-02-05 17:33; hotfix@mozilla.org; c:\users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-Serious Sam - The Second Encounter - h:\hry\Serious Sam - The Second Encounter\uninstall.exe
AddRemove-Dexter The Game - h:\hry\Icarus Studios
AddRemove-mw_folder - c:\program files\mw\uninstall.exe
AddRemove-SP_b0285714 - c:\program files\WebSearch\uninstall.exe
AddRemove-{9C5216D0-1D91-5A8F-7707-4392F0D82047} - c:\progra~2\INSTAL~2\{0CB08~1\Setup.exe
AddRemove-{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} - c:\programdata\Search-NewTab\uninstall.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2518957177-3384376808-1782611467-1000\Software\SecuROM\License information*]
"datasecu"=hex:8b,50,27,3c,1b,c1,15,cc,d3,65,cd,fc,be,55,53,18,51,f9,29,3f,9c,
65,eb,8b,d1,b4,0d,7d,8d,01,a7,1b,91,7c,ef,a9,f2,5e,51,86,be,e6,e3,18,1c,29,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_USERS\S-1-5-21-2518957177-3384376808-1782611467-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\h:\Hry\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"qgif4.dll"=multi:"2011-10-10T17:42\00gif\00\00"
"qico4.dll"=multi:"2011-10-10T17:42\00ico\00\00"
"qjpeg4.dll"=multi:"2011-10-10T17:42\00jpeg\00jpg\00\00"
.
[HKEY_USERS\S-1-5-21-2518957177-3384376808-1782611467-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QTextCodecFactoryInterface:\h:\Hry\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\codecs]
"qcncodecs4.dll"=multi:"2011-10-10T17:42\00GB18030\00GBK\00GB2312\00CP936\00MS936\00windows-936\00MIB: 114\00MIB: 113\00MIB: 2025\00\00"
"qkrcodecs4.dll"=multi:"2011-10-10T17:42\00EUC-KR\00cp949\00MIB: 38\00MIB: -949\00\00"
"qtwcodecs4.dll"=multi:"2011-10-10T17:42\00Big5\00Big5-HKSCS\00Big5-ETen\00CP950\00MIB: 2026\00MIB: 2101\00\00"
.
[HKEY_USERS\S-1-5-21-2518957177-3384376808-1782611467-1000\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\h:\hry\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\codecs]
"qcncodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qjpcodecs4.dll"=multi:"40602\000\00Windows msvc release full-config\002011-10-10T17:42\00\00"
"qjpcodecsd4.dll"=multi:"40703\001\00Windows msvc debug full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qkrcodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qtwcodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
.
[HKEY_USERS\S-1-5-21-2518957177-3384376808-1782611467-1000\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\h:\hry\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T17:42\00\00"
"msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T17:42\00\00"
"qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(4104)
c:\program files\Samsung\Samsung PC Studio 7\phonebrowser.dll
c:\program files\Samsung\Samsung PC Studio 7\PCSCM_Samsung.dll
c:\program files\Samsung\Samsung PC Studio 7\Lang\PhoneBrowser_eng.nlr
c:\program files\Samsung\Samsung PC Studio 7\Resource\PhoneBrowser_Samsung.ngr
c:\program files\Labtec\Keyboard\V5.1\KBDDL32A.DLL
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\Core Temp\Core Temp.exe
c:\windows\system32\conhost.exe
c:\archive\data\svchost.exe
c:\program files\Common Files\Java\Java Update\jucheck.exe
c:\windows\system32\taskhost.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\AUDIODG.EXE
d:\other\Screenshoter\Screenshoter.exe
.
**************************************************************************
.
Celkový čas: 2013-04-23 23:36:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-04-23 21:36
.
Před spuštěním: 4 502 237 184
Po spuštění: 3 675 734 016
.
- - End Of File - - E655C75FB1087733322061AFD2FDD5EC
21:09:38.0765 7372 ============================================================
21:09:38.0765 7372 Scan finished
21:09:38.0765 7372 ============================================================
21:09:38.0770 1868 Detected object count: 0
21:09:38.0770 1868 Actual detected object count: 0
21:10:23.0688 7276 Deinitialize success
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
ComboFix log:
ComboFix 13-04-23.02 - Rasty Kartas 23.04.2013 22:56:55.1.4 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3233.1669 [GMT 2:00]
Spuštěný z: c:\users\Rasty Kartas\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\MW
c:\program files\MW\background.ole
c:\program files\MW\mw.themepack
c:\program files\MW\NO.bmp
c:\program files\MW\Uninstall.exe
c:\program files\MW\Uninstall.ini
c:\program files\MW\YES_on.bmp
c:\users\Rasty Kartas\AppData\Local\Temp\7zS1931\HPSLPSVC32.DLL
c:\users\RASTYK~1\AppData\Local\Temp\7zS1931\HPSLPSVC32.DLL
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\RazorDOX
c:\windows\RazorDOX\RazorDOX.dll
c:\windows\system32\muzapp.exe
c:\windows\system32\pt
c:\windows\system32\pt\AuthFWSnapIn.Resources.dll
c:\windows\system32\pt\AuthFWWizFwk.Resources.dll
c:\windows\system32\pt\Narrator.resources.dll
c:\windows\system32\WPRO_41_2001woem.tmp
D:\install.exe
H:\svchost.exe
J:\Autorun.inf
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_HPSLPSVC
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-23 do 2013-04-23 )))))))))))))))))))))))))))))))
.
.
2013-04-23 21:12 . 2013-04-23 21:12 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-04-23 21:12 . 2013-04-23 21:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-23 11:10 . 2013-04-23 11:10 -------- d-----w- c:\users\Rasty Kartas\AppData\Roaming\Unity
2013-04-23 10:19 . 2013-04-23 10:19 -------- d-----w- c:\users\Rasty Kartas\AppData\Local\Unity
2013-04-19 21:27 . 2013-04-19 21:27 -------- d-----w- c:\users\Rasty Kartas\AppData\Roaming\Malwarebytes
2013-04-19 21:27 . 2013-04-19 21:27 -------- d-----w- c:\programdata\Malwarebytes
2013-04-19 21:27 . 2013-04-19 21:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-04-19 21:27 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-04-19 14:53 . 2013-04-19 14:53 388096 ----a-r- c:\users\Rasty Kartas\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-04-19 14:53 . 2013-04-19 14:53 -------- d-----w- c:\program files\Trend Micro
2013-04-14 17:52 . 2012-07-03 15:25 28008 ----a-w- c:\windows\system32\nvhdap32.dll
2013-04-14 17:52 . 2012-07-03 15:25 149352 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2013-04-14 17:52 . 2012-07-03 07:37 884072 ----a-w- c:\windows\system32\nvhdagenco3220103.dll
2013-04-14 17:52 . 2012-12-29 10:26 1017272 ----a-w- c:\windows\system32\nvdispco32.dll
2013-04-14 17:52 . 2012-12-29 10:26 8904632 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-04-14 17:52 . 2012-12-29 10:26 889784 ----a-w- c:\windows\system32\nvdispgenco32.dll
2013-04-14 17:52 . 2012-12-29 10:26 7931896 ----a-w- c:\windows\system32\nvcuda.dll
2013-04-14 17:52 . 2012-12-29 10:26 2720696 ----a-w- c:\windows\system32\nvcuvid.dll
2013-04-14 17:52 . 2012-12-29 10:26 20450232 ----a-w- c:\windows\system32\nvoglv32.dll
2013-04-14 17:52 . 2012-12-29 10:26 1985976 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-04-14 17:52 . 2012-12-29 10:26 17560504 ----a-w- c:\windows\system32\nvcompiler.dll
2013-04-11 04:59 . 2013-04-11 04:59 -------- d-----w- c:\users\Rasty Kartas\AppData\Roaming\Sony Creative Software Inc
2013-04-06 19:31 . 2013-04-16 14:32 -------- d-----w- C:\Superstar 2013
2013-04-04 03:03 . 2013-04-04 03:13 -------- d-----w- c:\users\Rasty Kartas\AppData\Local\Anvil Studio
2013-04-04 02:39 . 2013-04-04 02:46 -------- d-----w- c:\program files\TallStick
2013-04-01 12:40 . 2013-04-01 12:46 -------- d-----w- c:\program files\Common Files\Nero
2013-03-31 23:08 . 2013-03-31 23:08 -------- d-----w- c:\program files\AGEIA Technologies
2013-03-31 23:06 . 2013-04-14 17:55 -------- d-----w- c:\windows\system32\NV
2013-03-31 22:59 . 2012-12-29 10:26 6263784 ----a-w- c:\windows\system32\nvopencl.dll
2013-03-31 22:59 . 2013-03-15 05:46 892704 ----a-w- c:\windows\system32\nvdispgenco3231422.dll
2013-03-31 22:59 . 2013-03-15 05:46 1012512 ----a-w- c:\windows\system32\nvdispco3231422.dll
2013-03-31 22:59 . 2012-12-29 10:26 201728 ----a-w- c:\windows\system32\nvinit.dll
2013-03-29 21:15 . 2013-04-23 19:18 -------- d-----w- c:\program files\Common Files\Steam
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-23 21:04 . 2013-04-23 13:43 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E8F45F8F-25EA-49D8-B5BD-9415C0C3E7EE}\offreg.dll
2013-04-14 19:25 . 2013-03-11 02:04 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-14 19:25 . 2013-03-11 02:04 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-10 03:08 . 2013-04-22 20:33 6906960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E8F45F8F-25EA-49D8-B5BD-9415C0C3E7EE}\mpengine.dll
2013-03-14 20:42 . 2013-03-14 20:42 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-14 20:41 . 2012-08-06 16:25 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-14 20:41 . 2012-08-06 16:25 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-11 23:10 . 2012-08-02 17:25 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-03-11 05:07 . 2013-03-11 05:07 1336832 ----a-w- C:\pecsetup.exe
2013-03-11 01:14 . 2013-03-11 01:14 1197784 ----a-w- C:\Adobe_Flash_Player_11.4.402.287_Downloader.exe
2013-03-11 01:10 . 2013-03-11 01:09 15846768 ----a-w- C:\install_flash_player_11_active_x_1.exe
2013-03-11 01:09 . 2013-03-11 01:09 16473456 ----a-w- C:\install_flash_player_11_plugin_1.exe
2013-03-11 01:09 . 2013-03-11 01:09 701808 ----a-w- C:\uninstall_flash_player.exe
2013-03-11 00:47 . 2013-03-11 00:41 32545076 ----a-w- C:\flash10.zip
2013-03-11 00:43 . 2013-03-11 00:39 21903026 ----a-w- C:\flash8.zip
2013-03-11 00:38 . 2013-03-11 00:38 633217 ----a-w- C:\flash2.zip
2013-03-10 23:10 . 2013-03-10 23:10 1004952 ----a-w- C:\install_flashplayer11x32_mssd_aih_2.exe
2013-03-10 23:09 . 2013-03-10 23:09 1004608 ----a-w- C:\install_flashplayer11x32_mssd_aih_1.exe
2013-03-10 23:08 . 2013-03-10 23:07 15846768 ----a-w- C:\install_flash_player_11_active_x.exe
2013-03-10 23:03 . 2013-03-10 23:01 16473456 ----a-w- C:\install_flash_player_11_plugin.exe
2013-03-10 23:00 . 2013-03-10 23:00 1004952 ----a-w- C:\install_flashplayer11x32_mssd_aih.exe
2013-03-06 23:33 . 2013-03-17 23:46 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 23:33 . 2013-03-17 23:46 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 23:33 . 2012-08-03 09:41 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2012-08-03 09:41 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-08-03 09:41 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2012-08-03 09:41 60656 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2012-08-03 09:41 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:33 . 2012-08-03 09:41 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2012-08-03 09:40 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2012-08-03 09:40 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-20 23:56 . 2013-02-20 23:56 695383 ----a-w- C:\PSXeven_v0.19-1717.zip
2013-02-20 23:43 . 2013-02-20 23:42 3639 ----a-w- c:\windows\VGSCDAPI.VXD
2013-02-20 21:27 . 2013-02-20 21:27 56777 ----a-w- C:\zlib1.zip
2013-02-20 21:26 . 2013-02-20 21:26 81186 ----a-w- C:\zlib123-dll.zip
2013-02-20 20:57 . 2013-02-20 20:57 242846 ----a-w- C:\bios.zip
2013-02-20 17:46 . 2013-02-20 17:45 2824160 ----a-w- C:\PSX BIOS PACK.zip
2013-02-20 17:42 . 2013-02-20 17:42 241675 ----a-w- C:\SCPH7003.zip
2013-02-20 17:41 . 2013-02-20 17:41 250029 ----a-w- C:\Scph1000.zip
2013-02-20 17:41 . 2013-02-20 17:41 241658 ----a-w- C:\SCPH1001.zip
2013-02-20 17:23 . 2013-02-20 17:23 286473 ----a-w- C:\Scph7502_BIOS.zip
2013-02-20 17:22 . 2013-02-20 17:22 250029 ----a-w- C:\Scph1000_Bios.zip
2013-02-20 17:22 . 2013-02-20 17:22 241658 ----a-w- C:\PSX_Bios_SCPH1001.zip
2013-02-20 17:22 . 2013-02-20 17:22 286195 ----a-w- C:\PSX_Bios_41a.zip
2013-02-20 17:22 . 2013-02-20 17:22 480462 ----a-w- C:\PSO.zip
2013-02-20 16:47 . 2013-02-20 16:47 3889192 ----a-w- C:\PSX.zip
2013-02-18 23:49 . 2013-02-18 23:49 352256 ----a-w- c:\windows\eSellerateEngine.dll
2013-02-12 21:05 . 2013-02-12 20:58 15499620 ----a-w- C:\Crank.zip
2013-01-31 15:54 . 2012-11-20 23:47 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-01-31 15:54 . 2012-12-14 08:28 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-01-24 19:57 . 2009-05-21 18:21 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-01-24 19:57 . 2009-05-21 16:57 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-04-11 19:27 . 2013-04-11 19:27 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{2adefb8e-b923-35e6-86e2-2b7841f5d6a4}]
2009-11-25 10:47 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\bin\postak.exe" [2012-01-10 491040]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2013-04-13 802136]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"OscarX7Mouse5Mode"="c:\program files\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" [2011-10-21 3518976]
"Steam"="h:\hry\Steam\steam.exe" [2013-04-19 1631144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-12 144152]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-12 179992]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-12 188184]
"USB3MON"="c:\program files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608]
"XFastUSB"="c:\program files\XFastUSB\XFastUsb.exe" [2012-08-02 5019360]
"OFFICEKB"="c:\program files\Labtec\Keyboard\V5.1\kbdap32a.exe" [2012-08-02 387584]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"SysMetrix"="c:\program files\SysMetrix\SysMetrix.exe" [2006-02-25 2637824]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-10-17 11430504]
"RPCResolver"="c:\archive\data\WinINIT.vbs" [2012-10-03 192]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2013-01-24 295072]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Samsung.PCSync"="c:\program files\Samsung\Samsung PC Studio 7\PcSync2.exe" [2009-06-04 1294336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\nvinit.dll
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Steam"="d:\hry\Steam\steam.exe" -silent
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"THXCfg32"=c:\windows\system32\RunDLL32.exe c:\windows\system32\THXCfg32.dll,RunDLLEntry THXCfg32
"VIRTU MVP"=c:\program files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe /hide
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"hpqSRMon"=c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"CmPCIaudio"=RunDll32 CMICNFG3.cpl,CMICtrlWnd
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" -osboot
"UpdReg"=c:\windows\UpdReg.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiSpyWareDisableNotify"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiSpywareOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R2 Intel(R) ME Service;Intel(R) ME Service;c:\program files\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 aswVmm;aswVmm; [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 GPU-Z;GPU-Z;c:\users\RASTYK~1\AppData\Local\Temp\GPU-Z.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\Drivers\VMUVC.sys [x]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 asahci32;asahci32;c:\windows\system32\DRIVERS\asahci32.sys [x]
S0 AsrRamDisk;AsrRamDisk;c:\windows\system32\DRIVERS\AsrRamDisk.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
S2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ALSysIO;ALSysIO;c:\users\RASTYK~1\AppData\Local\Temp\ALSysIO.sys [x]
S3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt32.sys [x]
S3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECI.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - WPRO_41_2001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPService REG_MULTI_SZ HPSLPSVC
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 15:22 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-21 12:16]
.
2013-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-21 12:16]
.
2013-04-20 c:\windows\Tasks\ReclaimerUpdateFiles_Rasty Kartas.job
- c:\users\Rasty Kartas\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe [2013-03-26 01:43]
.
2013-04-21 c:\windows\Tasks\ReclaimerUpdateXML_Rasty Kartas.job
- c:\users\Rasty Kartas\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe [2013-03-26 01:43]
.
2013-04-23 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_Rasty Kartas.job
- c:\users\Rasty Kartas\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe [2013-03-26 01:43]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - c:\program files\Verdict Free\etnxp.dll
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - c:\program files\Verdict Free\etnxp.dll
TCP: DhcpNameServer = 192.168.1.10
FF - ProfilePath - c:\users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - ExtSQL: 2013-03-11 16:06; jid0-irAmugmQgdURBSCIFZAcjR8ZQMg@jetpack; c:\users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\extensions\jid0-irAmugmQgdURBSCIFZAcjR8ZQMg@jetpack.xpi
FF - ExtSQL: 2013-03-16 02:40; {1018e4d6-728f-4b20-ad56-37578a4de76b}; c:\users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Profiles\zyydg4z3.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF - ExtSQL: !HIDDEN! 2012-08-10 21:39; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - ExtSQL: !HIDDEN! 2013-02-05 17:33; hotfix@mozilla.org; c:\users\Rasty Kartas\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-Serious Sam - The Second Encounter - h:\hry\Serious Sam - The Second Encounter\uninstall.exe
AddRemove-Dexter The Game - h:\hry\Icarus Studios
AddRemove-mw_folder - c:\program files\mw\uninstall.exe
AddRemove-SP_b0285714 - c:\program files\WebSearch\uninstall.exe
AddRemove-{9C5216D0-1D91-5A8F-7707-4392F0D82047} - c:\progra~2\INSTAL~2\{0CB08~1\Setup.exe
AddRemove-{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} - c:\programdata\Search-NewTab\uninstall.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2518957177-3384376808-1782611467-1000\Software\SecuROM\License information*]
"datasecu"=hex:8b,50,27,3c,1b,c1,15,cc,d3,65,cd,fc,be,55,53,18,51,f9,29,3f,9c,
65,eb,8b,d1,b4,0d,7d,8d,01,a7,1b,91,7c,ef,a9,f2,5e,51,86,be,e6,e3,18,1c,29,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_USERS\S-1-5-21-2518957177-3384376808-1782611467-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\h:\Hry\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"qgif4.dll"=multi:"2011-10-10T17:42\00gif\00\00"
"qico4.dll"=multi:"2011-10-10T17:42\00ico\00\00"
"qjpeg4.dll"=multi:"2011-10-10T17:42\00jpeg\00jpg\00\00"
.
[HKEY_USERS\S-1-5-21-2518957177-3384376808-1782611467-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QTextCodecFactoryInterface:\h:\Hry\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\codecs]
"qcncodecs4.dll"=multi:"2011-10-10T17:42\00GB18030\00GBK\00GB2312\00CP936\00MS936\00windows-936\00MIB: 114\00MIB: 113\00MIB: 2025\00\00"
"qkrcodecs4.dll"=multi:"2011-10-10T17:42\00EUC-KR\00cp949\00MIB: 38\00MIB: -949\00\00"
"qtwcodecs4.dll"=multi:"2011-10-10T17:42\00Big5\00Big5-HKSCS\00Big5-ETen\00CP950\00MIB: 2026\00MIB: 2101\00\00"
.
[HKEY_USERS\S-1-5-21-2518957177-3384376808-1782611467-1000\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\h:\hry\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\codecs]
"qcncodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qjpcodecs4.dll"=multi:"40602\000\00Windows msvc release full-config\002011-10-10T17:42\00\00"
"qjpcodecsd4.dll"=multi:"40703\001\00Windows msvc debug full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qkrcodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qtwcodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
.
[HKEY_USERS\S-1-5-21-2518957177-3384376808-1782611467-1000\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\h:\hry\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T17:42\00\00"
"msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T17:42\00\00"
"qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(4104)
c:\program files\Samsung\Samsung PC Studio 7\phonebrowser.dll
c:\program files\Samsung\Samsung PC Studio 7\PCSCM_Samsung.dll
c:\program files\Samsung\Samsung PC Studio 7\Lang\PhoneBrowser_eng.nlr
c:\program files\Samsung\Samsung PC Studio 7\Resource\PhoneBrowser_Samsung.ngr
c:\program files\Labtec\Keyboard\V5.1\KBDDL32A.DLL
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\Core Temp\Core Temp.exe
c:\windows\system32\conhost.exe
c:\archive\data\svchost.exe
c:\program files\Common Files\Java\Java Update\jucheck.exe
c:\windows\system32\taskhost.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\AUDIODG.EXE
d:\other\Screenshoter\Screenshoter.exe
.
**************************************************************************
.
Celkový čas: 2013-04-23 23:36:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-04-23 21:36
.
Před spuštěním: 4 502 237 184
Po spuštění: 3 675 734 016
.
- - End Of File - - E655C75FB1087733322061AFD2FDD5EC